another Virtumonde vic!

eddiejones · Aug 13, 2008

I've been trying to manage this trojan by myself and now admit I need help. Whenever I run spybot it shows up 10 times or more.

I've removed my favorate P2p program and promise not to download serial number gererators. Any help would be great!!!

Thanks in advance. Here is my HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 12:16:24 PM, on 8/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\ed_scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: (no name) - {11F12CE4-B0DF-47FB-84E8-9A2D292C3C90} - C:\WINDOWS\system32\awtTjJCv.dll
O2 - BHO: (no name) - {189AB42E-0ABF-4447-9958-DA1E1C52D377} - C:\WINDOWS\system32\awtroMCS.dll
O2 - BHO: (no name) - {3E720C72-EDB0-41B4-8E67-0D6F6D05BA41} - C:\WINDOWS\system32\ssttt.dll (file missing)
O2 - BHO: {282400f4-f916-002a-96d4-9667f7245305} - {5035427f-7669-4d69-a200-619f4f004282} - C:\WINDOWS\system32\dgtagi.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67458F42-E964-4623-A294-BA4C86BDD87B} - (no file)
O2 - BHO: (no name) - {DB2377AE-602E-4D7B-A1A6-431BF45918Be} - C:\WINDOWS\system32\pabmsfbj.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [58be37a2] rundll32.exe "C:\WINDOWS\system32\htyveami.dll",b
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\appleitunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BM5b8d043e] Rundll32.exe "C:\WINDOWS\system32\kmahkksg.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA6966] command /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC865] cmd /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKCU\..\Run: [Bomgar Support Reconnect []] "C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488D11CA\bomgar-scc.exe" -nomulti
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB4790] command /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3419] cmd /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
O8 - Extra context menu item: Add to Evernote - res://C:\Program Files\Evernote\Evernote3\enbar.dll/2000
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freeware/installdrivecleanerstart.cab
O20 - Winlogon Notify: awtTjJCv - C:\WINDOWS\SYSTEM32\awtTjJCv.dll
O20 - Winlogon Notify: jkkhfcc - jkkhfcc.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Net message Service - Unknown owner - C:\WINDOWS\system32\netmsg.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winvercp.exe (file missing)
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

ken545 · Aug 14, 2008

Double post

ken545 · Aug 14, 2008

Hello eddiejones

Welcome to Safer Networking.

Please read Before YouPost
That said, All advice given by anyone volunteering here, is taken at own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.

You have a real mess going on, I want you to read this about P2P ( File Sharing Programs)

P2P programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.

When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

We see no purpose in cleaning your machine if you use P2P programs, as it is pretty much certain that if you continue to use them then you will get infected again.

Cracked Software..besides it being illegal it almost 100% of the time includes a virus or some sort of malware, not a good idea to download any of those programs unless your planning on using your computer for a doorstop.

Your Hijackthis program is outdated, drag it to the trash and download the latest version from Trendmicro.

Download Trendmicros Hijackthis to your desktop.

Double click it to install
Follow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exe

Do this first...Important

Disable the TeaTimer, you can re enable it when were done if you wish

Run Spybot-S&D in Advanced Mode.
If it is not already set to do this Go to the Mode menu select "Advanced Mode"
On the left hand side, Click on Tools
Then click on the Resident Icon in the List
Uncheck "Resident TeaTimer" and OK any prompts.
Restart your computer.

Only do this after you install the new version
Open HijackThis > Do a System Scan Only, close your browser and all open windows including this one, the only program or window you should have open is HijackThis, check the following entries and click on Fix Checked.

O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: (no name) - {11F12CE4-B0DF-47FB-84E8-9A2D292C3C90} - C:\WINDOWS\system32\awtTjJCv.dll
O2 - BHO: (no name) - {189AB42E-0ABF-4447-9958-DA1E1C52D377} - C:\WINDOWS\system32\awtroMCS.dll
O2 - BHO: (no name) - {3E720C72-EDB0-41B4-8E67-0D6F6D05BA41} - C:\WINDOWS\system32\ssttt.dll (file missing
O2 - BHO: {282400f4-f916-002a-96d4-9667f7245305} - {5035427f-7669-4d69-a200-619f4f004282} - C:\WINDOWS\system32\dgtagi.dll
O2 - BHO: (no name) - {67458F42-E964-4623-A294-BA4C86BDD87B} - (no file)
O2 - BHO: (no name) - {DB2377AE-602E-4D7B-A1A6-431BF45918Be} - C:\WINDOWS\system32\pabmsfbj.dll (file missing)

O4 - HKLM\..\Run: [58be37a2] rundll32.exe "C:\WINDOWS\system32\htyveami.dll",b
O4 - HKLM\..\Run: [BM5b8d043e] Rundll32.exe "C:\WINDOWS\system32\kmahkksg.dll",s
O4 - HKLM\..\RunOnce: [SpybotDeletingA6966] command /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC865] cmd /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4790] command /c del "C:\WINDOWS\system32\kmahkksg.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3419] cmd /c del "C:\WINDOWS\system32\kmahkksg.dll_old"

This is where you went wrong...its a trojan
O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://www.drivecleaner.com/.freewar...eanerstart.cab

O20 - Winlogon Notify: awtTjJCv - C:\WINDOWS\SYSTEM32\awtTjJCv.dll
O20 - Winlogon Notify: jkkhfcc - jkkhfcc.dll (file missing

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected. <-- Don't forget to do this
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and Paste the entire report in your next reply along with a New Hijackthis log.

Open HJT Scan and Save a Log File, it will open in Notepad
Go to Format and make sure Wordwrap is Unchecked
Go to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.

eddiejones · Aug 15, 2008

Progress so far...

It looks like my first post got lost so I'll try again...

OK, I updated HJT, checked that teatimer was off (it was) and launched the new HJT to fix the problems listed. the list was long, but only 2 of the entries that you listed were there:

04 - HKLM....[58be37a2]...
016 -DPF: {2D2BEE6E....

These were the only ones that I check and were fixed...

First Malwarebyte report:
Malwarebytes' Anti-Malware 1.24
Database version: 1056
Windows 5.1.2600 Service Pack 2

1:56:49 PM 8/15/2008
mbam-log-8-15-2008 (13-56-48).txt

Scan type: Quick Scan
Objects scanned: 47566
Time elapsed: 9 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 5
Registry Keys Infected: 26
Registry Values Infected: 7
Registry Data Items Infected: 2
Folders Infected: 136
Files Infected: 446

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\awtroMCS.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\jbmsjsja.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ndjsig.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rsfygdxv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\awtTjJCv.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{567b6984-5092-4732-a580-236758da8a7e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{567b6984-5092-4732-a580-236758da8a7e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c7b8f43-575a-4a3b-90ac-2e05fdb14e37} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6c7b8f43-575a-4a3b-90ac-2e05fdb14e37} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11f12ce4-b0df-47fb-84e8-9a2d292c3c90} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{11f12ce4-b0df-47fb-84e8-9a2d292c3c90} (Trojan.BHO) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0ff60ef3-7890-4336-80c5-8fd5941c2f6e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awttjjcv (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winantispyware 2007 free_is1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\winantispyware 2007 free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\was7_is1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\winantispyware 2007 free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CAC (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\58be37a2 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm5b8d043e (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{11f12ce4-b0df-47fb-84e8-9a2d292c3c90} (Trojan.Vundo) -> Delete on reboot.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\awtromcs -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\awtromcs -> Delete on reboot.

Folders Infected:
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\quaratine.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\08eac1dd7972434a028d6593 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\253754f672124218f9b61491 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\2e574369cd97473b0f51d9af (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\32b76525ac9249dafa365495 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\0238ff946cf047371a9f0e82 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\7a19a3a1e315478efb967aa8 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\c29623a2241d4962cc59d4a7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0d4695cc1bc5450ba8a72590 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0de32598a21a40bdd861179e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0ff0ab1b56214f94e9c2a384 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\17a440413c3a4ef4b3867481 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\19c46fe685a2460cd5862f8e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\1bfec5526a2144cbc9781f97 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\23f215e5bddb455c22c5c898 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\32cc17442f2a4746e424cd8c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\36348e484e2549f8f7dc7c8e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a6f451d27dd471f5d3bdaac (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a7aa740ed994d7a6566f1bd (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3b2be827ade342bb50d7ef9e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\41e917e05b064896a52aa796 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\4ddadcc7367b471b47e99e88 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\519e918232884885c9440387 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\51b19150e0c646895b62b892 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\541f67a77b254d2390d183ab (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\573114c6a55840a4f5da9c88 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\5b94ad269eb443f1b82083a5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\628037d479ab41c4a41f2187 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\671fde8f5c62468d1f2c7180 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6c8ded8fe5ff49ea1d1b95b6 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6fc5b4485dcb48ba9429f1bd (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\76d04999765a4635622d3b95 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\772e44aa49b24214da004690 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\782bc80aefe04d8d26a1058c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\83419652702847dd52d86a8a (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8978220255884650f45fb5b1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\89b19965122249e2c9dd3e9e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8e56ac773ce6466a3f97a9a6 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9036bd9ad0f249bbd3707693 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\99844524f9b447f84525d5a0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9e80eb67cbd5412396086cad (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a128014276ba4a2e9f1b35a2 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2d96f76a784437807dccabd (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2e263ff1622465b0ae7189f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a5697343a18049d0a40a4398 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a6ba19f64dad470284391f89 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ada45687b3f645315dee1fb5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af3b8a5bfb424537957d2da3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af63926bb1134c4b9fceb4a1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\b4993ff640bf42902f834283 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bb30512a96544e5a1355d8b7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\be92d274d62142c84dc015b9 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bf62325679b94ca75d4eec89 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfac9c526c13410bf24f89a3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfe4a39e9ccc4fd59943c8be (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c0bdb6e63206424647e80690 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c37ecc7639e345658fc4efaa (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c480f43e87b6489b3dafd589 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c6632da29a2d405099c4f7ad (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c7beb0c95c1d41a133f30091 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cdce58cd90f84ab5f3123d8f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cfaf21b909eb44634e0c1a89 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d33736e1290e4ea4633d9d85 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d37650d5bd9a40df3793b4b4 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d636c248980a45ecf9f7c991 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e18e16d4bf944a9b58947292 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e272c93da1934e5992677589 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e2a9ed5c30864f9ba75af19c (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e84bb4ed4b6e4e136c9a9291 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ea6dd7821bc3439bb43270ab (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f4376d61a9f84503c7987fb7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f9cf151a30ba4f350b1e1286 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ffdfd8ec501042b1fd8e29a1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\0a074723a8c24d2a8468b9ae (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2cf845f4025340de3542d381 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2e6185f9ab7d47d68c384996 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2fbb264855bc47ef01375ca0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\321b93bd2acb420d93ad2695 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4daeb9d094b74e298813f6b7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4e0e8274f7a44a3b08eb48b3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53129e7cd00d48624ef35b80 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53fce6cc3d3843882283e78a (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\5790ca79dfba49d621f9c197 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\58f3b3ef585a4e352d7b7488 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\59f6ec6cc6d440d31d7d14b4 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\60bce9f3403148f572fee78f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\65488114a026479e2883818b (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\671d4ef171f24671bfe429ac (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6839f05f2b984cdcabf90d9b (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6e2ff8b30739474b38f19895 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6f14f8a237f543231ed678b8 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\7334acf190f74f039a5a0297 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\80f8b355aae14f317f90e9b7 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\89de780869324e9bc1331fa1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8b85146b7dc349602bc5f2a9 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8c7349cdc92e47c0c5878287 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\97e1d78692c3471f97afe1a3 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\9f41c24a21754d8835147897 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a14a9d3eb0a94143a58fdf85 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a20db8b07794454cc2c9e1ac (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a3dc0f45208141fa4ad28c87 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a56449a7d69f40ec3ca842ab (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a677f0310f6848eb95a1aea0 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a6a556a831a54f2da5b4b780 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a7ba65887a614efb640f3e99 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\af82ee0c59ef485c38a82688 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\b93b741f81c94232da709fae (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c0ac6a79b73d4f080ab542a1 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c486633bc6824e7597a94181 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c95a0d1f6f0243ae6c0682a5 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c99d3eec379649446fbd9180 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ccb80306b7ad4ba6b2ffdaa6 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\cd422da9d45d4ef47d0ab594 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\d581fdb4d04541e790688f9f (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\dffc390c63f742eea933b09d (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e023d48010bb454352e677ab (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e8edaef6f4724632b34817b9 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\eb5693dd1ca74f1efd346c8e (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\edfbe6144b984b294b49fb86 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\f338239901b241b48c89018a (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\fefd727014114231b0251fb8 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ff891a7604d7482c3d2ccfaf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ffa3ff028c22466d2eff84a4 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\Download (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007 Free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\WinAntiSpyware 2007\Logs (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\oxweul.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\awtroMCS.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\SCMortwa.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\SCMortwa.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\alngptbv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbtpgnla.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bunwrnho.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ohnrwnub.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fgtmtkbn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nbktmtgf.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jbmsjsja.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ajsjsmbj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jhsyklov.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\volkyshj.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\keajmmdf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fdmmjaek.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lfdmkmto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\otmkmdfl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sjtcrfbo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\obfrctjs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sklywfcx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xcfwylks.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vbcfgqge.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\egqgfcbv.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xnrpirlh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hlriprnx.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ndjsig.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\rsfygdxv.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\awtTjJCv.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\fugxaqwn.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ilhgmljh.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cqxstlnv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arvidjac.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gqxvjniu.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nmkjanyt.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okkuiyaw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\plondbwt.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qxaqoeiy.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sikpxjpa.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kagevpcg.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yuyacqky.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dayrqkox.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\epuwjvax.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\uqpehf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\09EZ41YR\ptch[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\3TUGZYN4\kb767887[1] (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\81SVCJOZ\kb456456[2] (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\90EE9AJK\kb65666[1] (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\V19MRHE8\kb456456[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5\V19MRHE8\kb767887[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007\Contact customer support.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007\Uninstall WinAntiSpyware 2007.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007\WinAntiSpyware 2007 on the Web.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007\WinAntiSpyware 2007 Online Manual.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\WinAntiSpyware 2007\WinAntiSpyware 2007.lnk (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\Activate.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\AsAgents.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\atl71.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\bnlink.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\err.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\license.rtf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\manual.url (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\mfc71.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\msvcp71.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\msvcr71.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\pv.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\readme.rtf (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\scanlog.xml (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\settings.ini (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\shellext.dll (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\shellext.xml (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\sr.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\support.url (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\unins000.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\unins000.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\updater.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\vbpv.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\WAS7.url (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\was7.xml (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\appupdate.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\AutoProcess.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\dbupdate.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\enemies.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\knownfiles.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\PortSpec.ats (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\Summary.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\tasks.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\TEBase.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\threatnet.dat (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\quaratine.dat\#post_quarantin_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\08eac1dd7972434a028d6593\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\08eac1dd7972434a028d6593\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\08eac1dd7972434a028d6593\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\253754f672124218f9b61491\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\253754f672124218f9b61491\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\253754f672124218f9b61491\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\2e574369cd97473b0f51d9af\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\2e574369cd97473b0f51d9af\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\2e574369cd97473b0f51d9af\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\32b76525ac9249dafa365495\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\32b76525ac9249dafa365495\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\0ea89e49e24c4449e3e70a9d\32b76525ac9249dafa365495\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\0238ff946cf047371a9f0e82\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\0238ff946cf047371a9f0e82\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\0238ff946cf047371a9f0e82\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\7a19a3a1e315478efb967aa8\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\7a19a3a1e315478efb967aa8\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\7a19a3a1e315478efb967aa8\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\c29623a2241d4962cc59d4a7\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\c29623a2241d4962cc59d4a7\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\cb7b294434b04cd2da836689\c29623a2241d4962cc59d4a7\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0d4695cc1bc5450ba8a72590\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0d4695cc1bc5450ba8a72590\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0d4695cc1bc5450ba8a72590\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0de32598a21a40bdd861179e\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0de32598a21a40bdd861179e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0de32598a21a40bdd861179e\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0ff0ab1b56214f94e9c2a384\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0ff0ab1b56214f94e9c2a384\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0ff0ab1b56214f94e9c2a384\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\0ff0ab1b56214f94e9c2a384\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\17a440413c3a4ef4b3867481\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\17a440413c3a4ef4b3867481\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\17a440413c3a4ef4b3867481\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\17a440413c3a4ef4b3867481\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\19c46fe685a2460cd5862f8e\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\19c46fe685a2460cd5862f8e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\19c46fe685a2460cd5862f8e\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\19c46fe685a2460cd5862f8e\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\1bfec5526a2144cbc9781f97\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\1bfec5526a2144cbc9781f97\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\1bfec5526a2144cbc9781f97\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\23f215e5bddb455c22c5c898\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\23f215e5bddb455c22c5c898\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\23f215e5bddb455c22c5c898\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\32cc17442f2a4746e424cd8c\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\32cc17442f2a4746e424cd8c\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\32cc17442f2a4746e424cd8c\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\32cc17442f2a4746e424cd8c\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\36348e484e2549f8f7dc7c8e\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\36348e484e2549f8f7dc7c8e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\36348e484e2549f8f7dc7c8e\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a6f451d27dd471f5d3bdaac\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a6f451d27dd471f5d3bdaac\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a6f451d27dd471f5d3bdaac\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a7aa740ed994d7a6566f1bd\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a7aa740ed994d7a6566f1bd\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3a7aa740ed994d7a6566f1bd\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3b2be827ade342bb50d7ef9e\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3b2be827ade342bb50d7ef9e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\3b2be827ade342bb50d7ef9e\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\41e917e05b064896a52aa796\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\41e917e05b064896a52aa796\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\41e917e05b064896a52aa796\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\4ddadcc7367b471b47e99e88\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\4ddadcc7367b471b47e99e88\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\4ddadcc7367b471b47e99e88\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\519e918232884885c9440387\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\519e918232884885c9440387\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\519e918232884885c9440387\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\51b19150e0c646895b62b892\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\51b19150e0c646895b62b892\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\51b19150e0c646895b62b892\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\51b19150e0c646895b62b892\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\541f67a77b254d2390d183ab\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\541f67a77b254d2390d183ab\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\541f67a77b254d2390d183ab\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\573114c6a55840a4f5da9c88\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\573114c6a55840a4f5da9c88\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\573114c6a55840a4f5da9c88\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\5b94ad269eb443f1b82083a5\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\5b94ad269eb443f1b82083a5\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

eddiejones · Aug 15, 2008

progress so far....continued

C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\5b94ad269eb443f1b82083a5\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\5b94ad269eb443f1b82083a5\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\628037d479ab41c4a41f2187\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\628037d479ab41c4a41f2187\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\628037d479ab41c4a41f2187\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\671fde8f5c62468d1f2c7180\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\671fde8f5c62468d1f2c7180\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\671fde8f5c62468d1f2c7180\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6c8ded8fe5ff49ea1d1b95b6\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6c8ded8fe5ff49ea1d1b95b6\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6c8ded8fe5ff49ea1d1b95b6\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6c8ded8fe5ff49ea1d1b95b6\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6fc5b4485dcb48ba9429f1bd\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6fc5b4485dcb48ba9429f1bd\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6fc5b4485dcb48ba9429f1bd\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\6fc5b4485dcb48ba9429f1bd\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\76d04999765a4635622d3b95\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\76d04999765a4635622d3b95\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\76d04999765a4635622d3b95\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\76d04999765a4635622d3b95\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\772e44aa49b24214da004690\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\772e44aa49b24214da004690\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\772e44aa49b24214da004690\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\772e44aa49b24214da004690\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\782bc80aefe04d8d26a1058c\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\782bc80aefe04d8d26a1058c\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\782bc80aefe04d8d26a1058c\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\782bc80aefe04d8d26a1058c\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\83419652702847dd52d86a8a\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\83419652702847dd52d86a8a\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\83419652702847dd52d86a8a\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\83419652702847dd52d86a8a\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8978220255884650f45fb5b1\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8978220255884650f45fb5b1\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8978220255884650f45fb5b1\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\89b19965122249e2c9dd3e9e\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\89b19965122249e2c9dd3e9e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\89b19965122249e2c9dd3e9e\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8e56ac773ce6466a3f97a9a6\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8e56ac773ce6466a3f97a9a6\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\8e56ac773ce6466a3f97a9a6\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9036bd9ad0f249bbd3707693\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9036bd9ad0f249bbd3707693\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9036bd9ad0f249bbd3707693\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\99844524f9b447f84525d5a0\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\99844524f9b447f84525d5a0\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\99844524f9b447f84525d5a0\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9e80eb67cbd5412396086cad\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9e80eb67cbd5412396086cad\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\9e80eb67cbd5412396086cad\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a128014276ba4a2e9f1b35a2\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a128014276ba4a2e9f1b35a2\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a128014276ba4a2e9f1b35a2\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2d96f76a784437807dccabd\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2d96f76a784437807dccabd\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2d96f76a784437807dccabd\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2e263ff1622465b0ae7189f\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2e263ff1622465b0ae7189f\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2e263ff1622465b0ae7189f\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a2e263ff1622465b0ae7189f\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a5697343a18049d0a40a4398\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a5697343a18049d0a40a4398\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a5697343a18049d0a40a4398\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a6ba19f64dad470284391f89\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a6ba19f64dad470284391f89\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a6ba19f64dad470284391f89\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\a6ba19f64dad470284391f89\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ada45687b3f645315dee1fb5\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ada45687b3f645315dee1fb5\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ada45687b3f645315dee1fb5\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af3b8a5bfb424537957d2da3\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af3b8a5bfb424537957d2da3\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af3b8a5bfb424537957d2da3\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af63926bb1134c4b9fceb4a1\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af63926bb1134c4b9fceb4a1\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af63926bb1134c4b9fceb4a1\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\af63926bb1134c4b9fceb4a1\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\b4993ff640bf42902f834283\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\b4993ff640bf42902f834283\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\b4993ff640bf42902f834283\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bb30512a96544e5a1355d8b7\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bb30512a96544e5a1355d8b7\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bb30512a96544e5a1355d8b7\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bb30512a96544e5a1355d8b7\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\be92d274d62142c84dc015b9\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\be92d274d62142c84dc015b9\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\be92d274d62142c84dc015b9\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bf62325679b94ca75d4eec89\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bf62325679b94ca75d4eec89\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bf62325679b94ca75d4eec89\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfac9c526c13410bf24f89a3\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfac9c526c13410bf24f89a3\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfac9c526c13410bf24f89a3\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfe4a39e9ccc4fd59943c8be\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfe4a39e9ccc4fd59943c8be\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfe4a39e9ccc4fd59943c8be\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\bfe4a39e9ccc4fd59943c8be\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c0bdb6e63206424647e80690\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c0bdb6e63206424647e80690\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c0bdb6e63206424647e80690\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c37ecc7639e345658fc4efaa\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c37ecc7639e345658fc4efaa\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c37ecc7639e345658fc4efaa\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c480f43e87b6489b3dafd589\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c480f43e87b6489b3dafd589\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c480f43e87b6489b3dafd589\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c480f43e87b6489b3dafd589\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c6632da29a2d405099c4f7ad\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c6632da29a2d405099c4f7ad\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c6632da29a2d405099c4f7ad\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c7beb0c95c1d41a133f30091\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c7beb0c95c1d41a133f30091\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c7beb0c95c1d41a133f30091\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\c7beb0c95c1d41a133f30091\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cdce58cd90f84ab5f3123d8f\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cdce58cd90f84ab5f3123d8f\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cdce58cd90f84ab5f3123d8f\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cfaf21b909eb44634e0c1a89\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cfaf21b909eb44634e0c1a89\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\cfaf21b909eb44634e0c1a89\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d33736e1290e4ea4633d9d85\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d33736e1290e4ea4633d9d85\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d33736e1290e4ea4633d9d85\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d33736e1290e4ea4633d9d85\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d37650d5bd9a40df3793b4b4\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d37650d5bd9a40df3793b4b4\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d37650d5bd9a40df3793b4b4\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d636c248980a45ecf9f7c991\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d636c248980a45ecf9f7c991\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\d636c248980a45ecf9f7c991\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e18e16d4bf944a9b58947292\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e18e16d4bf944a9b58947292\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e18e16d4bf944a9b58947292\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e272c93da1934e5992677589\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e272c93da1934e5992677589\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e272c93da1934e5992677589\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e2a9ed5c30864f9ba75af19c\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e2a9ed5c30864f9ba75af19c\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e2a9ed5c30864f9ba75af19c\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e2a9ed5c30864f9ba75af19c\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e84bb4ed4b6e4e136c9a9291\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e84bb4ed4b6e4e136c9a9291\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e84bb4ed4b6e4e136c9a9291\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\e84bb4ed4b6e4e136c9a9291\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ea6dd7821bc3439bb43270ab\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ea6dd7821bc3439bb43270ab\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ea6dd7821bc3439bb43270ab\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f4376d61a9f84503c7987fb7\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f4376d61a9f84503c7987fb7\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f4376d61a9f84503c7987fb7\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f9cf151a30ba4f350b1e1286\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f9cf151a30ba4f350b1e1286\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\f9cf151a30ba4f350b1e1286\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ffdfd8ec501042b1fd8e29a1\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ffdfd8ec501042b1fd8e29a1\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ffdfd8ec501042b1fd8e29a1\#nam_ (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\55e726f7c9414342712069a0\e227a703badf4150810cfe85\ffdfd8ec501042b1fd8e29a1\HP_Own_r (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\0a074723a8c24d2a8468b9ae\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\0a074723a8c24d2a8468b9ae\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2cf845f4025340de3542d381\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2cf845f4025340de3542d381\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2e6185f9ab7d47d68c384996\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2e6185f9ab7d47d68c384996\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2fbb264855bc47ef01375ca0\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\2fbb264855bc47ef01375ca0\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\321b93bd2acb420d93ad2695\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\321b93bd2acb420d93ad2695\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4daeb9d094b74e298813f6b7\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4daeb9d094b74e298813f6b7\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4e0e8274f7a44a3b08eb48b3\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\4e0e8274f7a44a3b08eb48b3\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53129e7cd00d48624ef35b80\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53129e7cd00d48624ef35b80\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53fce6cc3d3843882283e78a\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\53fce6cc3d3843882283e78a\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\5790ca79dfba49d621f9c197\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\5790ca79dfba49d621f9c197\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\58f3b3ef585a4e352d7b7488\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\58f3b3ef585a4e352d7b7488\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\59f6ec6cc6d440d31d7d14b4\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\59f6ec6cc6d440d31d7d14b4\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\59f6ec6cc6d440d31d7d14b4\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\60bce9f3403148f572fee78f\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\60bce9f3403148f572fee78f\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\65488114a026479e2883818b\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\65488114a026479e2883818b\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\671d4ef171f24671bfe429ac\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\671d4ef171f24671bfe429ac\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6839f05f2b984cdcabf90d9b\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6839f05f2b984cdcabf90d9b\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6e2ff8b30739474b38f19895\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6e2ff8b30739474b38f19895\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6f14f8a237f543231ed678b8\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\6f14f8a237f543231ed678b8\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\7334acf190f74f039a5a0297\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\7334acf190f74f039a5a0297\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\80f8b355aae14f317f90e9b7\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\80f8b355aae14f317f90e9b7\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\89de780869324e9bc1331fa1\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\89de780869324e9bc1331fa1\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8b85146b7dc349602bc5f2a9\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8b85146b7dc349602bc5f2a9\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8c7349cdc92e47c0c5878287\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8c7349cdc92e47c0c5878287\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\8c7349cdc92e47c0c5878287\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\97e1d78692c3471f97afe1a3\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\97e1d78692c3471f97afe1a3\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\9f41c24a21754d8835147897\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\9f41c24a21754d8835147897\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a14a9d3eb0a94143a58fdf85\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a14a9d3eb0a94143a58fdf85\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a20db8b07794454cc2c9e1ac\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a20db8b07794454cc2c9e1ac\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a3dc0f45208141fa4ad28c87\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a3dc0f45208141fa4ad28c87\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a56449a7d69f40ec3ca842ab\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a56449a7d69f40ec3ca842ab\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a677f0310f6848eb95a1aea0\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a677f0310f6848eb95a1aea0\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a6a556a831a54f2da5b4b780\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a6a556a831a54f2da5b4b780\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a7ba65887a614efb640f3e99\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\a7ba65887a614efb640f3e99\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\af82ee0c59ef485c38a82688\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\af82ee0c59ef485c38a82688\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\b93b741f81c94232da709fae\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\b93b741f81c94232da709fae\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c0ac6a79b73d4f080ab542a1\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c0ac6a79b73d4f080ab542a1\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c486633bc6824e7597a94181\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c486633bc6824e7597a94181\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c95a0d1f6f0243ae6c0682a5\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c95a0d1f6f0243ae6c0682a5\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c99d3eec379649446fbd9180\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\c99d3eec379649446fbd9180\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ccb80306b7ad4ba6b2ffdaa6\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ccb80306b7ad4ba6b2ffdaa6\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\cd422da9d45d4ef47d0ab594\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\cd422da9d45d4ef47d0ab594\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\d581fdb4d04541e790688f9f\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\d581fdb4d04541e790688f9f\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\dffc390c63f742eea933b09d\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\dffc390c63f742eea933b09d\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e023d48010bb454352e677ab\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e023d48010bb454352e677ab\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e8edaef6f4724632b34817b9\#data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e8edaef6f4724632b34817b9\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\e8edaef6f4724632b34817b9\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\eb5693dd1ca74f1efd346c8e\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\eb5693dd1ca74f1efd346c8e\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\edfbe6144b984b294b49fb86\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\edfbe6144b984b294b49fb86\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\f338239901b241b48c89018a\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\f338239901b241b48c89018a\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\fefd727014114231b0251fb8\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\fefd727014114231b0251fb8\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ff891a7604d7482c3d2ccfaf\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ff891a7604d7482c3d2ccfaf\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ffa3ff028c22466d2eff84a4\#int_rnal (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\WinAntiSpyware 2007 Free\database\RTMonitor.dat\feb39460b5b54d2d6ba7c487\ffa3ff028c22466d2eff84a4\#startup (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\WinAntiSpyware 2007\Logs\update.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atkbavsm.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM5b8d043e.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM5b8d043e.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bkgtteqo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ypdgxepv.dll (Trojan.vundo) -> Quarantined and deleted successfully.

Malwarebyte wanted to reboot and fix 4 more problems. During the reboot, I encountered several new error messages, all related to ...\win32\oxweul.dll.... I OKed through these but Malwarebyte did not autorun. I launched it after the bootup completed.

Second Malwarebyte report after reboot:

Malwarebytes' Anti-Malware 1.24
Database version: 1056
Windows 5.1.2600 Service Pack 2

2:09:01 PM 8/15/2008
mbam-log-8-15-2008 (14-09-01).txt

Scan type: Quick Scan
Objects scanned: 47278
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Latest HJT:
Malwarebytes' Anti-Malware 1.24
Database version: 1056
Windows 5.1.2600 Service Pack 2

2:09:01 PM 8/15/2008
mbam-log-8-15-2008 (14-09-01).txt

Scan type: Quick Scan
Objects scanned: 47278
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

thanks again for you help so far....

ken545 · Aug 15, 2008

Good job Eddie :bigthumb: There is most likely more hiding so let do this.

Please download ATF Cleaner by Atribune to your desktop.

This program is for XP and Windows 2000 only
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility.

Download ComboFix from Here or Here to your Desktop.

In the event you already have Combofix, this is a new version that I need you to download.
It must be saved directly to your desktop.

1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan.
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re enable the protection again afterwards before connecting to the net

2. Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running combofix.

IF you have not already done so Combofix will disconnect your machine from the Internet when it starts.
If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

3. Now double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review

Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze.

eddiejones · Aug 16, 2008

latest HJT

OK ATF ran fine, but ComboFix continued to hank on check 31. Ive tried several times, and must be missing a anti virus of something. (I killed guard.exe first)

anyway, here is the latest HJT dump.

Thanks again for the continued help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:16, on 2008-08-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\appleitunes\iTunesHelper.exe
C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: (no name) - {3E720C72-EDB0-41B4-8E67-0D6F6D05BA41} - C:\WINDOWS\system32\ssttt.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67458F42-E964-4623-A294-BA4C86BDD87B} - (no file)
O2 - BHO: (no name) - {DB2377AE-602E-4D7B-A1A6-431BF45918Be} - C:\WINDOWS\system32\pabmsfbj.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\appleitunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Bomgar Support Reconnect []] "C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488D11CA\bomgar-scc.exe" -nomulti
O4 - Global Startup: Audible Download Manager.lnk = C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
O8 - Extra context menu item: Add to Evernote - res://C:\Program Files\Evernote\Evernote3\enbar.dll/2000
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O20 - Winlogon Notify: jkkhfcc - jkkhfcc.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Net message Service - Unknown owner - C:\WINDOWS\system32\netmsg.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winvercp.exe (file missing)
O23 - Service: Security Center (wscsvc) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

--
End of file - 6156 bytes

ken545 · Aug 16, 2008

Good Morning,

Your Security Center is borked, run this tool but hold off on the new log just now.

Please download and unzip Wscfix to your desktop.

You will now see two files: Wscsvcfix.exe and readme.txt. Double-click Wscsvcfix.exe to run the program.
Click the Inspect and Fix button once, and then restart Windows for the changes to take effect.

After reboot, rerun HJT and post a new log.

Note* That this utility requires administrator credentials to run correctly.

Remove these with HJT.

O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: (no name) - {3E720C72-EDB0-41B4-8E67-0D6F6D05BA41} - C:\WINDOWS\system32\ssttt.dll (file missing)
O2 - BHO: (no name) - {67458F42-E964-4623-A294-BA4C86BDD87B} - (no file)
O2 - BHO: (no name) - {DB2377AE-602E-4D7B-A1A6-431BF45918Be} - C:\WINDOWS\system32\pabmsfbj.dll (file missing)

O15 - Trusted Zone: http://locator.cdn.imageservr.com

O20 - Winlogon Notify: jkkhfcc - jkkhfcc.dll (file missing)

Drag Combofix to the trash and use the links I provided earlier and grab a new copy and then try running Combofix in Safemode, make sure you download it to your DESKTOP and that you disabled all AV software.

To Enter Safemode

Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode
Then press the Enter Key on your Keyboard

Tutorial if you need it How to boot into Safemode

eddiejones · Aug 17, 2008

Happy Sunday. Latest progress

Installed and ran Wscfix. all seemed to go well.

Ran a HJT and removed the 4 entries listed.

Trashed and loaded Combofix again, rebooted into safe mode and ran it. Log is below. It seemed to reboot to normal mode and I re-ran HJT. the first of the 4 entries above was there again. I checked it to remove, hit fix but it was still there. I re-ran HJT again and the log is below.

thanks again, have a good weekend.

BTW I can't seem to get rid of those Symantec processes running...

Eddie

ComboFix 08-08-17.01 - Administrator 2008-08-17 12:24:07.7 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.359 [GMT -7:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\microsoft
C:\Documents and Settings\All Users\microsoft\SL\DL\ed6c43df-e0eb-4fbc-8231-1999c3ce2432\808d3af3-5ec3-4fe7-bb7d-0b7147cbeb10
C:\Documents and Settings\HP_Owner\Application Data\DOBE~1
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\#SharedObjects\GB9X9ZJC\interclick.com
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\#SharedObjects\GB9X9ZJC\interclick.com\ud.sol
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\#SharedObjects\GB9X9ZJC\www.broadcaster.com
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\HP_Owner\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@antispywaremaster[2].txt
C:\Documents and Settings\HP_Owner\UserData
C:\Documents and Settings\HP_Owner\UserData\GD27S96R\oWindowsUpdate[1].xml
C:\Documents and Settings\HP_Owner\UserData\index.dat
C:\WINDOWS\system32\abyeriij.ini
C:\WINDOWS\system32\afoxatnq.ini
C:\WINDOWS\system32\ahxxtjtx.ini
C:\WINDOWS\system32\ajvpjdms.dll
C:\WINDOWS\system32\atrxnxqk.ini
C:\WINDOWS\system32\ayvvmbfb.ini
C:\WINDOWS\system32\bblnpvaw.dll
C:\WINDOWS\system32\beeyvweq.ini
C:\WINDOWS\system32\bgucgsbp.ini
C:\WINDOWS\system32\bhilisoj.ini
C:\WINDOWS\system32\bhtmkvyr.ini
C:\WINDOWS\system32\blinicuq.dll
C:\WINDOWS\system32\bmvevhmu.ini
C:\WINDOWS\system32\bnvoscao.ini
C:\WINDOWS\system32\bopcxwsa.dll
C:\WINDOWS\system32\brtkdwfs.ini
C:\WINDOWS\system32\byodqeam.ini
C:\WINDOWS\system32\cgxqpiyp.dll
C:\WINDOWS\system32\cladcrqq.ini
C:\WINDOWS\system32\clovukgh.ini
C:\WINDOWS\system32\cmnrdmav.dll
C:\WINDOWS\system32\cputkfsv.dll
C:\WINDOWS\system32\cskiqp.dll
C:\WINDOWS\system32\cslmgdbv.ini
C:\WINDOWS\system32\csyabiqs.ini
C:\WINDOWS\system32\cuhxxyrc.ini
C:\WINDOWS\system32\cyqxddor.ini
C:\WINDOWS\system32\dgtagi.dll
C:\WINDOWS\system32\dguhtbhr.dll
C:\WINDOWS\system32\dhjrsupn.dll
C:\WINDOWS\system32\djoustgc.dll
C:\WINDOWS\system32\dnlbkind.ini
C:\WINDOWS\system32\dssbocux.ini
C:\WINDOWS\system32\dvholrnx.dll
C:\WINDOWS\system32\dwpmsskp.ini
C:\WINDOWS\system32\dxkhmwuo.dll
C:\WINDOWS\system32\eaictino.dll
C:\WINDOWS\system32\ecneeuxk.ini
C:\WINDOWS\system32\ecngapqf.ini
C:\WINDOWS\system32\ehhucjkt.dll
C:\WINDOWS\system32\ejosbnbg.dll
C:\WINDOWS\system32\eswkanrw.ini
C:\WINDOWS\system32\evsemvfj.dll
C:\WINDOWS\system32\ewfvitfx.dll
C:\WINDOWS\system32\exjpgavr.dll
C:\WINDOWS\system32\favagfwo.dll
C:\WINDOWS\system32\fcvtiucr.ini
C:\WINDOWS\system32\fdxegnyo.ini
C:\WINDOWS\system32\felldavx.ini
C:\WINDOWS\system32\ffcfsdvw.ini
C:\WINDOWS\system32\firogo.dll
C:\WINDOWS\system32\fjjndroq.ini
C:\WINDOWS\system32\fsegxchi.ini
C:\WINDOWS\system32\fuipna.dll
C:\WINDOWS\system32\furdjeii.dll
C:\WINDOWS\system32\gaymhusp.ini
C:\WINDOWS\system32\gbhveswf.ini
C:\WINDOWS\system32\gcwyrggr.dll
C:\WINDOWS\system32\gekcthua.ini
C:\WINDOWS\system32\ggtpjyud.ini
C:\WINDOWS\system32\ghanfsyr.ini
C:\WINDOWS\system32\glfbqhle.dll
C:\WINDOWS\system32\glglpkik.dll
C:\WINDOWS\system32\glipdylh.dll
C:\WINDOWS\system32\gnjmgvxy.dll
C:\WINDOWS\system32\grfyxaxt.ini
C:\WINDOWS\system32\gvebpsoo.dll
C:\WINDOWS\system32\hcjlmovi.dll
C:\WINDOWS\system32\hgxydt.dll
C:\WINDOWS\system32\hnckbeqg.ini
C:\WINDOWS\system32\htsgpefi.ini
C:\WINDOWS\system32\hugtkepu.dll
C:\WINDOWS\system32\hxyakuln.ini
C:\WINDOWS\system32\imaevyth.ini
C:\WINDOWS\system32\imcbsexi.ini
C:\WINDOWS\system32\imypxqpx.dll
C:\WINDOWS\system32\inllgwsi.ini
C:\WINDOWS\system32\iowhwwdl.ini
C:\WINDOWS\system32\isvwwofr.dll
C:\WINDOWS\system32\itbibwbf.ini
C:\WINDOWS\system32\ivbclfak.dll
C:\WINDOWS\system32\iwtkscdi.ini
C:\WINDOWS\system32\iyigvdpw.ini
C:\WINDOWS\system32\jbmgjukw.ini
C:\WINDOWS\system32\jfnpqemr.dll
C:\WINDOWS\system32\jgukwjna.dll
C:\WINDOWS\system32\jhxreudk.ini
C:\WINDOWS\system32\jifmmjjy.ini
C:\WINDOWS\system32\jmpbakbv.ini
C:\WINDOWS\system32\jogvjxph.ini
C:\WINDOWS\system32\jrqbjjno.ini
C:\WINDOWS\system32\jsgsymam.ini
C:\WINDOWS\system32\jthrxicd.dll
C:\WINDOWS\system32\karlipbu.ini
C:\WINDOWS\system32\kbtdgyeg.ini
C:\WINDOWS\system32\kekaqahg.ini
C:\WINDOWS\system32\keqdvead.ini
C:\WINDOWS\system32\kfjkhxsc.dll
C:\WINDOWS\system32\kleeeqpa.ini
C:\WINDOWS\system32\kmifjlgi.dll
C:\WINDOWS\system32\kqgjxvwl.dll
C:\WINDOWS\system32\kqshbmoq.dll
C:\WINDOWS\system32\ktgchtre.ini
C:\WINDOWS\system32\kykutb.dll
C:\WINDOWS\system32\lbpwcmvr.ini
C:\WINDOWS\system32\ljovwkyg.ini
C:\WINDOWS\system32\lnwwtaor.dll
C:\WINDOWS\system32\lprsmxif.ini
C:\WINDOWS\system32\lqmjvjex.ini
C:\WINDOWS\system32\lthfbphy.dll
C:\WINDOWS\system32\lwiutbcb.dll
C:\WINDOWS\system32\majmuhvb.dll
C:\WINDOWS\system32\mcommmwv.ini
C:\WINDOWS\system32\mcrvwvii.ini
C:\WINDOWS\system32\mdplinxg.dll
C:\WINDOWS\system32\mivypeog.ini
C:\WINDOWS\system32\mowjbwpv.ini
C:\WINDOWS\system32\mpgiwjyl.ini
C:\WINDOWS\system32\mxkvpacs.dll
C:\WINDOWS\system32\myrbinic.ini
C:\WINDOWS\system32\mztiqz.dll
C:\WINDOWS\system32\ndvfqkmw.ini
C:\WINDOWS\system32\ngwernnh.ini
C:\WINDOWS\system32\nlbvlmkt.ini
C:\WINDOWS\system32\npdvdmvs.dll
C:\WINDOWS\system32\ntcrhwcg.ini
C:\WINDOWS\system32\ntkrplqr.ini
C:\WINDOWS\system32\nvslqstr.dll
C:\WINDOWS\system32\odpidgkv.dll
C:\WINDOWS\system32\olrtmqfx.ini
C:\WINDOWS\system32\ovijpctl.ini
C:\WINDOWS\system32\oxnywsrt.ini
C:\WINDOWS\system32\pagwhhva.ini
C:\WINDOWS\system32\pdnghfta.ini
C:\WINDOWS\system32\pgattnfc.ini
C:\WINDOWS\system32\pmnflpfm.ini
C:\WINDOWS\system32\ppokmnly.dll
C:\WINDOWS\system32\pssdklma.ini
C:\WINDOWS\system32\pvdkjxtq.dll
C:\WINDOWS\system32\pvgywvag.dll
C:\WINDOWS\system32\qacomgeg.ini
C:\WINDOWS\system32\qejikfoa.ini
C:\WINDOWS\system32\qmstwydg.ini
C:\WINDOWS\system32\qnsqeuld.ini
C:\WINDOWS\system32\qqandcnc.dll
C:\WINDOWS\system32\qsywijuy.ini
C:\WINDOWS\system32\ralhwtnc.ini
C:\WINDOWS\system32\rctubdjy.dll
C:\WINDOWS\system32\rfdhfelv.dll
C:\WINDOWS\system32\rhgqhevd.dll
C:\WINDOWS\system32\rhlkapkb.dll
C:\WINDOWS\system32\rhmgossx.ini
C:\WINDOWS\system32\ribijemw.dll
C:\WINDOWS\system32\riqyrtvq.dll
C:\WINDOWS\system32\rmardxxp.dll
C:\WINDOWS\system32\rnvkaotg.ini
C:\WINDOWS\system32\romnhclt.dll
C:\WINDOWS\system32\rqmmnkkc.ini
C:\WINDOWS\system32\rrvrvdnr.ini
C:\WINDOWS\system32\rxdcexva.ini
C:\WINDOWS\system32\rxjfsqev.dll
C:\WINDOWS\system32\rxmdyqhs.ini
C:\WINDOWS\system32\sakvwuhl.ini
C:\WINDOWS\system32\scqxefvs.dll
C:\WINDOWS\system32\soopfxca.dll
C:\WINDOWS\system32\soouixoa.ini
C:\WINDOWS\system32\soxxwaug.ini
C:\WINDOWS\system32\spijkfap.ini
C:\WINDOWS\system32\spxccwjd.dll
C:\WINDOWS\system32\ssjsnvia.ini
C:\WINDOWS\system32\tbfcofiq.dll
C:\WINDOWS\system32\tclaoecr.ini
C:\WINDOWS\system32\temukjpj.dll
C:\WINDOWS\system32\tepcevno.ini
C:\WINDOWS\system32\tnobycdt.ini
C:\WINDOWS\system32\toflwvqk.ini
C:\WINDOWS\system32\tsdyjvlu.dll
C:\WINDOWS\system32\ttcmmlwi.ini
C:\WINDOWS\system32\tttss.ini
C:\WINDOWS\system32\tttss.ini2
C:\WINDOWS\system32\tubdittr.dll
C:\WINDOWS\system32\txrclrwq.ini
C:\WINDOWS\system32\udxtvfsd.dll
C:\WINDOWS\system32\ueclbmcv.dll
C:\WINDOWS\system32\umxwydda.ini
C:\WINDOWS\system32\umyefork.ini
C:\WINDOWS\system32\upvyywid.dll
C:\WINDOWS\system32\uukjannf.dll
C:\WINDOWS\system32\uxuycsju.ini
C:\WINDOWS\system32\vblqrfha.dll
C:\WINDOWS\system32\vehmhbag.ini
C:\WINDOWS\system32\vfuqywqw.ini
C:\WINDOWS\system32\vkgpjxyp.ini
C:\WINDOWS\system32\vltdhrei.ini
C:\WINDOWS\system32\vnktod.dll
C:\WINDOWS\system32\vpfgeegj.ini
C:\WINDOWS\system32\vvpyatnc.dll
C:\WINDOWS\system32\worulsyg.dll
C:\WINDOWS\system32\wxxtgmia.ini
C:\WINDOWS\system32\xavjwupe.ini
C:\WINDOWS\system32\xhrrwrdg.dll
C:\WINDOWS\system32\xjgbbgiv.ini
C:\WINDOWS\system32\xlraokup.ini
C:\WINDOWS\system32\xnypjlen.dll
C:\WINDOWS\system32\xvlhqfjp.ini
C:\WINDOWS\system32\xxkhixjo.dll
C:\WINDOWS\system32\yacnmtpc.dll
C:\WINDOWS\system32\yasojbjv.dll
C:\WINDOWS\system32\yckkekla.ini
C:\WINDOWS\system32\ydpkmwun.ini
C:\WINDOWS\system32\yicofcjd.dll
C:\WINDOWS\system32\yipilvub.ini
C:\WINDOWS\system32\yiuimvge.ini
C:\WINDOWS\system32\yjsisnkt.ini
C:\WINDOWS\system32\yqxyvcqb.ini
C:\WINDOWS\system32\yrriumxp.ini
C:\WINDOWS\system32\ysowseah.dll
C:\WINDOWS\system32\yuhvadru.dll
C:\WINDOWS\system32\yxlnmhnh.ini
C:\WINDOWS\system32\yyngywvd.ini
C:\WINDOWS\system32\atioglx.dll . . . . failed to delete
.
---- Previous Run -------
.
C:\WINDOWS\system32\stera.log
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_VSPF
-------\Legacy_VSPF_HK

((((((((((((((((((((((((( Files Created from 2008-07-17 to 2008-08-17 )))))))))))))))))))))))))))))))
.

2008-08-17 12:20 . 2004-10-21 18:59 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-08-17 12:20 . 2004-10-22 14:12 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-08-17 12:20 . 2004-10-21 19:52 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2008-08-17 12:20 . 2004-10-21 19:52 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-08-17 12:20 . 2004-10-21 18:58 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-08-17 12:20 . 2008-08-17 12:21 <DIR> d-------- C:\Documents and Settings\Administrator
2008-08-15 13:42 . 2008-08-15 13:42 809,192 ---hs---- C:\WINDOWS\system32\ajsjsmbj.tmp
2008-08-15 13:39 . 2008-08-15 13:39 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-15 13:39 . 2008-08-15 13:39 <DIR> d-------- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
2008-08-15 13:39 . 2008-08-15 13:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-15 13:39 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-15 13:39 . 2008-07-30 20:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-15 13:18 . 2008-08-15 13:18 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-08 21:29 . 2008-08-08 21:29 <DIR> d-------- C:\Program Files\Gameforge4D
2008-08-08 21:29 . 2004-05-10 13:14 118,272 --a------ C:\WINDOWS\system32\SX5363S.DLL
2008-08-08 21:29 . 2004-05-10 13:14 102,400 --a------ C:\WINDOWS\system32\RV32RTP.dll
2008-08-08 21:29 . 2004-05-10 13:15 40 --a------ C:\WINDOWS\system32\Sx5363.ini
2008-07-26 14:30 . 2008-07-26 14:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488B9785
2008-07-19 19:48 . 2008-08-15 22:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-19 19:48 . 2008-08-13 10:37 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-13 19:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-13 18:30 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-08-13 17:35 --------- d-----w C:\Program Files\appleitunes
2008-08-12 05:24 --------- d-----w C:\Program Files\TrojanHunter 4.2
2008-08-12 05:22 --------- d-----w C:\Program Files\Java
2008-08-12 05:07 --------- d-----w C:\Program Files\QuickTime
2008-08-08 20:09 --------- d-----w C:\Documents and Settings\HP_Owner\Application Data\Azureus
2008-08-08 18:41 --------- d-----w C:\Documents and Settings\HP_Owner\Application Data\OpenOffice.org2
2008-06-29 22:07 --------- d-----w C:\Program Files\Comprehensive Review 3e
2008-06-29 21:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-01-22 00:32 0 ----a-w C:\Documents and Settings\HP_Owner\loaded.exe
.

Code:

<pre>
----a-w           197,888 2008-03-24 16:47:20  C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp .exe
----a-w         3,739,648 2008-02-20 05:54:57  C:\Program Files\Google\Google Talk\googletalk .exe
----a-w           158,208 2008-03-24 16:47:21  C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D1F7897-22DA-4C6E-AA15-B4CAD3894438}]
2008-07-19 19:12 101632 --a------ C:\WINDOWS\system32\atioglx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bomgar Support Reconnect []"="C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488D11CA\bomgar-scc.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 05:00 158208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=oxweul.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.YV12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Audible Download Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Audible Download Manager.lnk
backup=C:\WINDOWS\pss\Audible Download Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Background Monitor.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkvMon.exe.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkvMon.exe.lnk
backup=C:\WINDOWS\pss\NkvMon.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^VirtuaGirl2.lnk]
path=C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\VirtuaGirl2.lnk
backup=C:\WINDOWS\pss\VirtuaGirl2.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoTBar
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon06
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-07-07 21:19 6731312 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2chkdsk]
C:\WINDOWS\system32\ucosbolp.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2004-08-13 20:17 58488 c:\Program Files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\clc]
C:\WINDOWS\system32\clc.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 05:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
--a------ 2004-08-22 17:05 81920 C:\Program Files\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DC6_Check]
C:\Program Files\Common Files\WinAntiSpyware 2007 Free\uwasdc.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DllRunning]
C:\WINDOWS\system32\vjxaoakx.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriveCleaner Free]
C:\Program Files\DriveCleaner Free\UDC.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafeFree]
C:\Program Files\ErrorSafe Free\uers.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ERS_Check]
C:\Program Files\Common Files\WinAntiSpyware 2007 Free\uwasers.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GPLv3]
C:\WINDOWS\system32\trswynxo.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 1998-05-07 16:04 52736 c:\WINDOWS\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
--a------ 2003-09-15 21:00 270336 C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2004-08-20 22:55 155648 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InfoData]
C:\WINDOWS\system32\ududiqoc.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz]
--a------ 2003-11-04 18:36 124096 c:\Program Files\Common Files\Symantec Shared\CfgWiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-04-17 13:41 196608 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-06-28 09:14 270648 C:\Program Files\appleitunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j7241439]
C:\WINDOWS\system32\j7241439.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2003-02-11 20:02 61440 C:\hp\KBD\kbd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\WINDOWS\system32\ssttt.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
--a------ 2004-10-14 21:54 253952 c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lswxf]
C:\DOCUME~1\HP_Owner\APPLIC~1\DOBE~1\WACLT~1.EXE [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAV CfgWiz]
c:\Program Files\Norton AntiVirus\CfgWiz.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAS_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcpas.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
--a------ 2002-10-16 16:57 81920 C:\WINDOWS\system32\ps2.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2006-01-31 05:20 180224 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2004-04-14 20:43 233472 C:\WINDOWS\SMINST\Recguard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
--a------ 2003-12-18 00:31 118784 C:\WINDOWS\CREATOR\Remind_XP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDR6_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcsdr.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchIndexer]
C:\WINDOWS\system32\keajmmdf.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seekmo]
c:\program files\seekmo\seekmo.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundService]
C:\WINDOWS\system32\vbcfgqge.dll [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyQuake2.com]
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Srro]
C:\DOCUME~1\HP_Owner\APPLIC~1\CROSOF~1.NET\attrib.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2006-11-10 12:35 90112 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a------ 2007-08-21 16:17 111840 C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard]
C:\Program Files\TrojanHunter 4.2\THGuard.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UDC6cw]
C:\Program Files\DriveCleaner Free\UDC6cw.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwas7cw]
C:\Program Files\WinAntiSpyware 2007 Free\uwas7cw.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\was_check]
C:\Program Files\ErrorSafe Free\PASmon.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiSpyware 2007 Free]
C:\Program Files\WinAntiSpyware 2007 Free\was7.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiVirusPro2006]
C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2005-03-04 12:01 88209 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcxMonitor]
--a------ 2004-09-07 14:47 57344 C:\WINDOWS\ALCXMNTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiSPower]
--------- 2004-09-24 09:49 49152 C:\WINDOWS\system32\SiSPower.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
VTTimer.exe [N/A]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\Program Files\Gameforge4D\AirRivals\Launcher.atm"= C:\Program Files\Gameforge4D\AirRivals\Launcher.atm:Enabled:GameExe2
"C:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe"= C:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 uillinxo;uillinxo;C:\WINDOWS\system32\drivers\inyzouup.dat []
R2 LicCtrlService;LicCtrl Service;C:\WINDOWS\runservice.exe [2008-04-24 12:15]
R3 MovRVDrv32;MovRVDrv32;C:\WINDOWS\system32\DRIVERS\MovRVDrv32.sys [2008-04-17 11:57]
R3 SndTDriverV32;SndTDriverV32;C:\WINDOWS\system32\drivers\SndTDriverV32.sys [2008-04-17 11:57]
S2 DP1112;DP1112;C:\WINDOWS\system32\Drivers\DP.sys []
S2 Net message Service;Net message Service;C:\WINDOWS\system32\netmsg.exe []
S2 Windows sharing object;Windows sharing object;C:\WINDOWS\system32\winvercp.exe []
S3 ICDUSB2;Sony IC Recorder (ST);C:\WINDOWS\system32\Drivers\ICDUSB2.sys [2002-11-28 21:23]
S3 mam4410c;mam4410c;C:\WINDOWS\system32\Drivers\mam4410c.sys [2005-06-16 19:11]
S3 mam4410m;mam4410m;C:\WINDOWS\system32\Drivers\mam4410m.sys [2005-06-16 19:13]
S3 mam4410u;mam4410u;C:\WINDOWS\system32\Drivers\mam4410u.sys [2007-03-19 15:39]
S3 SoundMovieServer;SoundMovieServer;C:\WINDOWS\system32\snmvtsvc.exe [2008-04-17 13:30]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
\Shell\AutoRun\command - M:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce9c2e21-ad5c-11db-99e7-0011d866f771}]
\Shell\AutoRun\command - M:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce9c2e22-ad5c-11db-99e7-0011d866f771}]
\Shell\AutoRun\command - browse.bat
.
Contents of the 'Scheduled Tasks' folder

2008-08-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 13:42]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\jl4m7y77.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ig?hl=en
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npViewpoint_03050024.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-17 12:36:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\uillinxo]
"ImagePath"="system32\drivers\inyzouup.dat"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-08-17 12:49:45 - machine was rebooted [HP_Owner]
ComboFix-quarantined-files.txt 2008-08-17 19:48:41

Pre-Run: 13,210,570,752 bytes free
Post-Run: 12,422,995,968 bytes free

513 --- E O F --- 2008-07-21 05:56:21

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:03 PM, on 8/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Bomgar Support Reconnect []] "C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488D11CA\bomgar-scc.exe" -nomulti
O8 - Extra context menu item: Add to Evernote - res://C:\Program Files\Evernote\Evernote3\enbar.dll/2000
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O20 - AppInit_DLLs: oxweul.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Net message Service - Unknown owner - C:\WINDOWS\system32\netmsg.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winvercp.exe (file missing)

--
End of file - 5275 bytes

ken545 · Aug 17, 2008

Eddie,

You have had so many trojans on this system I can't keep track. You need to reevaluate your surfing habits and the programs you download or your going to keep getting infected over and over again. This computer has come pretty close to being trashed. The Vundo variant you have includes a File Infector. If you look at your Combofix log, the programs in the Blue Code box are infected. I am providing instructions to run a script for Combofix, look at the programs I have under Folders, these are all Trojans, not legitimate programs.

Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above RenV::

Code:

RenV::
C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp .exe
C:\Program Files\Google\Google Talk\googletalk .exe
C:\WINDOWS\pchealth\helpctr\binaries\MSConfig .exe

File::
C:\WINDOWS\system32\ajsjsmbj.tmp
C:\WINDOWS\system32\ucosbolp.dll
C:\WINDOWS\system32\vjxaoakx.dll
C:\WINDOWS\system32\j7241439.dll
C:\WINDOWS\system32\ssttt.exe 

Folder::
C:\Program Files\Common Files\WinAntiSpyware 2007 Free
C:\Program Files\DriveCleaner Free
C:\Program Files\ErrorSafe Free
C:\Program Files\SpyQuake2.com
c:\program files\seekmo
C:\DOCUME~1\HP_Owner\APPLIC~1\CROSOF~1.NET
C:\Program Files\WinAntiVirus Pro 2006

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2chkdsk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DC6_Check]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DllRunning]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriveCleaner Free]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSafeFree]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ERS_Check]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j7241439]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyQuake2.com]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seekmo]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Srro]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UDC6cw]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwas7cw]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\was_check]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiSpyware 2007 Free]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiVirusPro2006]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-

Save this as CFScript to your desktop.

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

eddiejones · Aug 18, 2008

Combofix hangs.

I ran the script in combofix but It hung after it finished while preparing log file. I tried it in bot safe mode and normal, both with the same result. It stops after a warning about having just changes the system startup setting, like after using msconfig. other than clicking OK to that, I am not clicking anything on the computer.

Here is the latest HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:43, on 2008-08-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.igoogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {0D1F7897-22DA-4C6E-AA15-B4CAD3894438} - C:\WINDOWS\system32\atioglx.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKCU\..\Run: [Bomgar Support Reconnect []] "C:\Documents and Settings\All Users\Application Data\Bomgar-SCC-488D11CA\bomgar-scc.exe" -nomulti
O8 - Extra context menu item: Add to Evernote - res://C:\Program Files\Evernote\Evernote3\enbar.dll/2000
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Net message Service - Unknown owner - C:\WINDOWS\system32\netmsg.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\WINDOWS\system32\snmvtsvc.exe
O23 - Service: Windows sharing object - Unknown owner - C:\WINDOWS\system32\winvercp.exe (file missing)

--
End of file - 5186 bytes

ken545 · Aug 18, 2008

C:\ComboFix.txt <---There should be a new report here, post it please

tashi · Aug 23, 2008

This topic has been archived due to inactivity.

As it has been five days or more since your last post, and your helper posted a response to which you did not reply, this topic has been archived and will not be reopened. If you still require help, please start a new topic and include a fresh HijackThis log and a link to this thread.

Applies only to the original poster, anyone else with similar problems please start a new topic.

another Virtumonde vic!

eddiejones

New member

ken545

Emeritus-Security Expert

ken545

Emeritus-Security Expert

eddiejones

New member

eddiejones

New member

ken545

Emeritus-Security Expert

eddiejones

New member

ken545

Emeritus-Security Expert

eddiejones

New member

ken545

Emeritus-Security Expert

eddiejones

New member

ken545

Emeritus-Security Expert

tashi

Member of Team Spybot