Trojan-dropper Help!


4 replies to this topic

#1 daazndrgon


Posted 28 December 2007 - 12:29 AM

I ran a scan from Kaspersky and it found a bunch of viruses and infected files. It found around 400 infected files and 20 viruses. When I went to see the results it says trojan-dropper.win32... next to the infected files. I also deleted trojandownloader.xs yesterday but I don't know if it's still there and causing all these problems. I'm not sure how to delete the virus. Can anyone here please help me??

Edited by daazndrgon, 28 December 2007 - 12:32 AM.



#2 daazndrgon


Posted 28 December 2007 - 12:34 AM

I just ran the Ad-Aware and this is the logfile.

Ad-Aware 2007 Build
Log File Created on: 2007-12-27 21:25:47
Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name: QUIET-7T55KAS0V
Name of user performing scan: SYSTEM

System information
===========================
Number of processors: 1
Processor type: AMD Sempron™ 2600+
Memory Available: 22%
Total Physical Memory: 536330240 Bytes
Available Physical Memory: 117596160 Bytes
Total Page File Size: 1311199232 Bytes
Available On Page File: 948797440 Bytes
Total Virtual Memory: 2147352576 Bytes
Available Virtual Memory: 1992925184 Bytes
OS: Microsoft Windows XP (Build 2600)

Ad-Aware 2007 Settings
===========================
Skipping files larger than 1048576 kB
Ignoring infections with lower TAI than: 3


Extended Ad-Aware 2007 Settings
===========================
Unloading known modules during scan
Ignoring spanned files when scanning cab archives
Reanalyzing results after scanning before displaying results
Trying to unload modules prior to removal
Let Windows remove files currently in use at next reboot
Removing quarantined objects after restore
Deactivating Ad-Watch during scans
Writeprotecting system files after repairs
Include info about ignored objects in log file
Including basic settings in log file
Including advanced settings in log file
Including user and computer name in log file
Create and save WebUpdate log file

Databaseinfo
===========================
Version number: 41
Build Number: 0
Build Date and Time: 2007/12/27 00:11:56

Scan Statistics
===========================
Method: Full
Scan tracking cookies.............................: On
Scan ADS filestreams..............................: Off

Item Scanned: 389611
Infections Detected: 137
Infections Ignored: 0

Scan detailed statistics
===========================
Type Critical Total
Process Scan....: 4 4
Registry Scan...: 4 4
Registry PE Scan: 0 0
Hosts File Scan.: 0 0
File Scan.......: 0 0
Folder Scan.....: 0 0
LSP Scan........: 0 0
ADS Scan........: 0 0
Cookie Scan.....: 75 75
File Hash Scan..: 53 53

Infections Found
===========================
Family Id: 188 Name: AntivirusPCSuite Category: Misc TAI:3
Item Id: 100011824 Value: File: c:\program files\common files\spyguardpro\bm .exe
Item Id: 100011824 Value: Process CSI: c:\program files\common files\spyguardpro\bm .exe
Item Id: 100011824 Value: File: c:\program files\common files\spyguardpro\bm .exe
Item Id: 100011824 Value: Process CSI: c:\program files\common files\spyguardpro\bm .exe
Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3
Family Id: 1134 Name: Adware.TTC Category: Adware TAI:4
Item Id: 69705 Value: File: C:\Program Files\TTC.dll
Item Id: 69705 Value: File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga4444.dll.vir
Item Id: 69705 Value: File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga555077.dll.vir
Item Id: 69705 Value: File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga83122.dll.vir
Item Id: 69707 Value: File: C:\qoobox\Quarantine\C\WINDOWS\TTC-4444.exe.vir
Item Id: 69707 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004863.exe
Item Id: 69705 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004865.dll
Item Id: 69705 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004975.dll
Item Id: 69707 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004977.exe
Item Id: 69705 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005148.dll
Item Id: 69705 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005149.dll
Item Id: 69705 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005150.dll
Item Id: 69707 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005187.exe
Item Id: 69707 Value: File: C:\WINDOWS\system32\to9\parreo83122.exe
Family Id: 941 Name: Win32.Trojan.Agent Category: Malware TAI:10
Item Id: 58929 Value: File: C:\qoobox\Quarantine\C\Program Files\MSN\ladu.dll.vir
Item Id: 58929 Value: File: C:\qoobox\Quarantine\C\Program Files\MSN\ladu440.dll.vir
Item Id: 58929 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0005048.dll
Item Id: 58929 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0005055.dll
Item Id: 58929 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005146.dll
Item Id: 58929 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005147.dll
Item Id: 300031799 Value: Root: HKLM Path: SOFTWARE\Microsoft\Security Center Value: AntiVirusOverride Data: 1
Item Id: 300039095 Value: Root: HKLM Path: software\microsoft\internet explorer Value: mkdata
Item Id: 300039786 Value: Root: HKU Path: S-1-5-21-329068152-2025429265-725345543-1003\software\microsoft\internet explorer\main Value: use formsuggest
Family Id: 394 Name: Hacktool.Netmon Category: MonitoringTool TAI:3
Item Id: 7531 Value: File: C:\qoobox\Quarantine\C\Program Files\Network Monitor\netmon.exe.vir
Item Id: 7531 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004827.exe
Item Id: 7531 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005168.exe
Family Id: 168 Name: Adware.ZenoSearch Category: Adware TAI:4
Item Id: 71341 Value: File: C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir
Item Id: 71341 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005170.dll
Family Id: 993 Name: Win32.TrojanClicker Category: Malware TAI:10
Item Id: 74360 Value: File: C:\qoobox\Quarantine\C\WINDOWS\df87173.exe.vir
Item Id: 74358 Value: File: C:\qoobox\Quarantine\C\WINDOWS\hg173.exe.vir
Item Id: 19565 Value: File: C:\qoobox\Quarantine\C\WINDOWS\system32\atmtd.dll.vir
Item Id: 19565 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004825.dll
Item Id: 19565 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005140.dll
Item Id: 74358 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005228.exe
Item Id: 74360 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005229.exe
Family Id: 1032 Name: Win32.TrojanDownloader.Small Category: Malware TAI:7
Item Id: 57444 Value: File: C:\qoobox\Quarantine\C\WINDOWS\system32\b1\roblcidr31z.exe.vir
Item Id: 57444 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005177.exe
Item Id: 300021673 Value: Root: HKCR Path: lk.auto
Family Id: 553 Name: PurityScan Category: Malware TAI:6
Item Id: 69697 Value: File: C:\qoobox\Quarantine\C\WINDOWS\system32\FNTS~1\wuauboot .exe.vir
Item Id: 69697 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004909.exe
Item Id: 69697 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004920.exe
Item Id: 69697 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005104.exe
Family Id: 1321 Name: Win32.Trojan.BHO Category: Malware TAI:10
Item Id: 71257 Value: File: C:\qoobox\Quarantine\C\WINDOWS\system32\fsnaplae.dll.vir
Item Id: 71257 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005145.dll
Family Id: 61 Name: Adware.BHO(generic) Category: Adware TAI:3
Item Id: 45254 Value: File: C:\qoobox\Quarantine\C\WINDOWS\tk58.exe.vir
Item Id: 45254 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004864.exe
Item Id: 45254 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004976.exe
Item Id: 45254 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005186.exe
Family Id: 253 Name: CmdServices Category: Adware TAI:4
Item Id: 4133 Value: File: C:\qoobox\Quarantine\C\WINDOWS\UXVpZXQgQm95\asappsrv.dll.vir
Item Id: 4134 Value: File: C:\qoobox\Quarantine\C\WINDOWS\UXVpZXQgQm95\command.exe.vir
Item Id: 4134 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005153.exe
Item Id: 4133 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005178.dll
Family Id: 1037 Name: Win32.TrojanDownloader.VB Category: Malware TAI:10
Item Id: 77445 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004866.exe
Item Id: 77445 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004974.exe
Item Id: 77445 Value: File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005106.exe
Item Id: 77445 Value: File: C:\WINDOWS\fkwggshm.exe
Family Id: 1024 Name: Win32.TrojanDownloader.Obfuscated Category: Malware TAI:10
Item Id: 71940 Value: File: C:\WINDOWS\system32\dj2\axebmbrpl6.exe
Family Id: 9999 Name: MRU Object Category: MRU Object TAI:0
Item Id: 1 Value: MRU Path: C:\Documents and Settings\Quiet Boy\Recent Count: 16

Items Ignored During Scan
===========================


Listing of running processes
===========================

c:\windows\system32\es.dll

c:\windows\system32\ersvc.dll

c:\windows\system32\dmserver.dll

c:\windows\system32\seclogon.dll

c:\windows\system32\srsvc.dll

c:\windows\system32\tapisrv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\trkwks.dll

c:\windows\system32\upnp.dll

c:\windows\system32\ssdpapi.dll

c:\windows\system32\w32time.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\wbem\wmisvc.dll

c:\windows\system32\wbem\wbemcomn.dll

c:\windows\system32\vssapi.dll

c:\windows\system32\wuauserv.dll

c:\windows\system32\wuaueng.dll

c:\windows\system32\winspool.drv

c:\windows\system32\cabinet.dll

c:\windows\system32\mspatcha.dll

c:\windows\system32\rasmans.dll

c:\windows\system32\sens.dll

c:\windows\system32\winipsec.dll

c:\windows\system32\netcfgx.dll

c:\windows\system32\clusapi.dll

c:\windows\system32\browser.dll

c:\windows\system32\sxs.dll

c:\windows\system32\sfc.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\comsvcs.dll

c:\windows\system32\mtxclu.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\colbact.dll

c:\windows\system32\resutils.dll

c:\windows\system32\rastapi.dll

c:\windows\system32\mtxoci.dll

c:\windows\system32\unimdm.tsp

c:\windows\system32\uniplat.dll

c:\windows\system32\netshell.dll

c:\windows\system32\credui.dll

c:\windows\system32\unimdmat.dll

c:\windows\system32\modemui.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wbem\wbemcore.dll

c:\windows\system32\wbem\esscli.dll

c:\windows\system32\wbem\fastprox.dll

c:\windows\system32\wbem\wmiutils.dll

c:\windows\system32\wbem\repdrvfs.dll

c:\windows\system32\kmddsp.tsp

c:\windows\system32\ndptsp.tsp

c:\windows\system32\ipconf.tsp

c:\windows\system32\h323.tsp

c:\windows\system32\wbem\wmiprvsd.dll

c:\windows\system32\ncobjapi.dll

c:\windows\system32\hidphone.tsp

c:\windows\system32\wbem\wbemess.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\rasppp.dll

c:\windows\system32\ntlsapi.dll

c:\windows\system32\ipnathlp.dll

c:\windows\system32\rasdlg.dll

c:\windows\system32\termsrv.dll

c:\windows\system32\icaapi.dll

c:\windows\system32\authz.dll

c:\windows\system32\mstlsapi.dll

c:\windows\system32\regapi.dll

c:\windows\system32\rasauto.dll

c:\windows\system32\icmp.dll

c:\windows\system32\msxml3.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wbem\ncprov.dll

c:\windows\system32\wups2.dll

c:\windows\system32\catsrvut.dll

c:\windows\system32\mfcsubs.dll

c:\windows\system32\msi.dll

c:\windows\system32\catsrv.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\dnsrslvr.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\netman.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\samlib.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\winmm.dll

c:\windows\system32\shell32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wzcsvc.dll

c:\windows\system32\wmi.dll

c:\windows\system32\dhcpcsvc.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\vetredir.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\isafeif.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\lmhsvc.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\netman.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\samlib.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\winmm.dll

c:\windows\system32\shell32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wzcsvc.dll

c:\windows\system32\wmi.dll

c:\windows\system32\dhcpcsvc.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\webclnt.dll

c:\windows\system32\wininet.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\regsvc.dll

c:\windows\system32\ssdpsrv.dll

c:\windows\system32\vetredir.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\isafeif.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\version.dll

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

C:\WINDOWS\SYSTEM32\ALG.EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\ISAFE.EXE

C:\WINDOWS\SYSTEM32\WDFMGR.EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\VETMSG.EXE

C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM32\WUAUCLT.EXE

C:\PROGRA~1\YAHOO!\BROWSER\YBRWICON.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\SBCSEL~1\SMARTB~1\MOTIVESB.EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\CAVRID.EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\CAVTRAY.EXE

C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE

C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE

C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE

C:\WINDOWS\SOUNDMAN .EXE

C:\PROGRA~1\YAHOO!\BROWSER\YBRWICON .EXE

C:\PROGRA~1\COMMON~1\SPYGUA~1\UGAC.EXE

C:\PROGRA~1\SBCSEL~1\SMARTB~1\MOTIVESB .EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\CAVRID .EXE

C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD .EXE

C:\PROGRAM FILES\YAHOO!\ANTIVIRUS\CAVTRAY .EXE

C:\WINDOWS\TROY44.EXE

C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX .EXE

C:\PROGRAM FILES\ITUNES\ITUNESHELPER .EXE

C:\PROGRAM FILES\JAVA\JRE1.6.0_03\BIN\JUSCHED.EXE

C:\PROGRA~1\YAHOO!\BROWSER\YCOMMON.EXE

C:\PROGRAM FILES\COMMON FILES\SPYGUARDPRO\BM .EXE

C:\WINDOWS\TROY44.EXE

C:\PROGRA~1\COMMON~1\SPYGUA~1\UGAC .EXE

C:\WINDOWS\TROY44 .EXE

C:\PROGRAM FILES\COMMON FILES\SPYGUARDPRO\BM .EXE

C:\PROGRAM FILES\JAVA\JRE1.6.0_03\BIN\JUSCHED .EXE

C:\WINDOWS\TROY44 .EXE

C:\PROGRAM FILES\COMMON FILES\SPYGUARDPRO\BM .EXE

C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\BIN\MPBTN.EXE

C:\PROGRA~1\YAHOO!\BROWSER\YBROWSER.EXE

C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE

C:\WINDOWS\SYSTEM32\MSIEXEC.EXE

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE

End of Scan Section
===========================

Cleaned Infections
===========================
Process CSI: c:\program files\common files\spyguardpro\bm .exe, Belonging to AntivirusPCSuite
Process CSI: c:\program files\common files\spyguardpro\bm .exe, Belonging to AntivirusPCSuite
File: c:\program files\common files\spyguardpro\bm .exe, Belonging to AntivirusPCSuite
File: c:\program files\common files\spyguardpro\bm .exe, Belonging to AntivirusPCSuite
File: C:\Program Files\TTC.dll, Belonging to Adware.TTC
File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga4444.dll.vir, Belonging to Adware.TTC
File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga555077.dll.vir, Belonging to Adware.TTC
File: C:\qoobox\Quarantine\C\Program Files\Online Services\horevoga83122.dll.vir, Belonging to Adware.TTC
File: C:\qoobox\Quarantine\C\WINDOWS\TTC-4444.exe.vir, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004863.exe, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004865.dll, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004975.dll, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004977.exe, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005148.dll, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005149.dll, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005150.dll, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005187.exe, Belonging to Adware.TTC
File: C:\WINDOWS\system32\to9\parreo83122.exe, Belonging to Adware.TTC
Root: HKLM Path: SOFTWARE\Microsoft\Security Center Value: AntiVirusOverride Data: 1, Belonging to Win32.Trojan.Agent
Root: HKLM Path: software\microsoft\internet explorer Value: mkdata, Belonging to Win32.Trojan.Agent
Root: HKU Path: S-1-5-21-329068152-2025429265-725345543-1003\software\microsoft\internet explorer\main Value: use formsuggest, Belonging to Win32.Trojan.Agent
File: C:\qoobox\Quarantine\C\Program Files\MSN\ladu.dll.vir, Belonging to Win32.Trojan.Agent
File: C:\qoobox\Quarantine\C\Program Files\MSN\ladu440.dll.vir, Belonging to Win32.Trojan.Agent
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0005048.dll, Belonging to Win32.Trojan.Agent
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0005055.dll, Belonging to Win32.Trojan.Agent
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005146.dll, Belonging to Win32.Trojan.Agent
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005147.dll, Belonging to Win32.Trojan.Agent
File: C:\qoobox\Quarantine\C\Program Files\Network Monitor\netmon.exe.vir, Belonging to Hacktool.Netmon
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004827.exe, Belonging to Hacktool.Netmon
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005168.exe, Belonging to Hacktool.Netmon
File: C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir, Belonging to Adware.ZenoSearch
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005170.dll, Belonging to Adware.ZenoSearch
File: C:\qoobox\Quarantine\C\WINDOWS\df87173.exe.vir, Belonging to Win32.TrojanClicker
File: C:\qoobox\Quarantine\C\WINDOWS\hg173.exe.vir, Belonging to Win32.TrojanClicker
File: C:\qoobox\Quarantine\C\WINDOWS\system32\atmtd.dll.vir, Belonging to Win32.TrojanClicker
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004825.dll, Belonging to Win32.TrojanClicker
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005140.dll, Belonging to Win32.TrojanClicker
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005228.exe, Belonging to Win32.TrojanClicker
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005229.exe, Belonging to Win32.TrojanClicker
Root: HKCR Path: lk.auto, Belonging to Win32.TrojanDownloader.Small
File: C:\qoobox\Quarantine\C\WINDOWS\system32\b1\roblcidr31z.exe.vir, Belonging to Win32.TrojanDownloader.Small
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005177.exe, Belonging to Win32.TrojanDownloader.Small
File: C:\qoobox\Quarantine\C\WINDOWS\system32\FNTS~1\wuauboot .exe.vir, Belonging to PurityScan
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004909.exe, Belonging to PurityScan
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004920.exe, Belonging to PurityScan
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005104.exe, Belonging to PurityScan
File: C:\qoobox\Quarantine\C\WINDOWS\system32\fsnaplae.dll.vir, Belonging to Win32.Trojan.BHO
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005145.dll, Belonging to Win32.Trojan.BHO
File: C:\qoobox\Quarantine\C\WINDOWS\tk58.exe.vir, Belonging to Adware.BHO(generic)
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004864.exe, Belonging to Adware.BHO(generic)
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004976.exe, Belonging to Adware.BHO(generic)
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005186.exe, Belonging to Adware.BHO(generic)
File: C:\qoobox\Quarantine\C\WINDOWS\UXVpZXQgQm95\asappsrv.dll.vir, Belonging to CmdServices
File: C:\qoobox\Quarantine\C\WINDOWS\UXVpZXQgQm95\command.exe.vir, Belonging to CmdServices
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005153.exe, Belonging to CmdServices
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005178.dll, Belonging to CmdServices
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004866.exe, Belonging to Win32.TrojanDownloader.VB
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0004974.exe, Belonging to Win32.TrojanDownloader.VB
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005106.exe, Belonging to Win32.TrojanDownloader.VB
File: C:\WINDOWS\fkwggshm.exe, Belonging to Win32.TrojanDownloader.VB
File: C:\WINDOWS\system32\dj2\axebmbrpl6.exe, Belonging to Win32.TrojanDownloader.Obfuscated

End of Cleaned Infections
===========================

Cleaned Infections
===========================
Browser: Internet Explorer Cookie: C:\Documents and Settings\LocalService\Cookies\index.dat findwhat.com uid /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\LocalService\Cookies\index.dat waterfrontmedia.112.2o7.net s_vi /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\LocalService\Cookies\index.dat doubleclick.net id /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ehg-kasperskylab.hitbox.com WSS_MIGRATION /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat advertising.com C2 /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat advertising.com ACID /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ads.revsci.net rsi_us_1000000 /adserver, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com uid /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com liday1 /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com vuday1 /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com ih /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com bh /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat ad.yieldmanager.com fl_inst /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net DMEXP /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net CTCI /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net HS /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net LO /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net DGI /, Belonging to Tracking Cookie
Browser: Internet Explorer Cookie: C:\Documents and Settings\Quiet Boy\Cookies\index.dat adopt.specificclick.net UI /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt atdmt.com AA002 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt revsci.net NETSEGS_K05540 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt revsci.net NETID01 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt revsci.net rsi_cls_1000000 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt revsci.net rsi_segs_1000000 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt doubleclick.net id /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com S1CSE5 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRpc /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRcr /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRpl /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRcp /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRca /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRimp /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ads.pointroll.com PRID /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ad.yieldmanager.com fl_inst /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ad.yieldmanager.com uid /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ad.yieldmanager.com liday1 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ad.yieldmanager.com vuday1 /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt ad.yieldmanager.com ih /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt tribalfusion.com ANON_ID /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt tribalfusion.com TfAdCountDate /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt tribalfusion.com TfCtxtAdServer /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt tribalfusion.com TfAdCountMap /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt clickbank.net p /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt kontera.com imprs /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt kontera.com cluid /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt 2o7.net s_vi_zx7Cgnefkhe /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt 2o7.net s_vi_usheik /, Belonging to Tracking Cookie
Browser: Firefox Cookie: C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles/ae4c161m.default\cookies.txt 2o7.net s_vi_x7Fybhizix60cx7Cix7E /, Belonging to Tracking Cookie
MRU Path: C:\Documents and Settings\Quiet Boy\Recent Count: 16, Belonging to MRU Object

End of Cleaned Infections
===========================

#3 quietman7

Posted 28 December 2007 - 05:09 PM

Did your scan provide a specific file name associated with this malware threat and if so, where is it located (full file path) on your system? If your scan saved a log file, it should show exactly what and where the malware has been found so post that instead.

Looks like most of the malware is in the qoobox quarantine folder.

Download OTMoveIt by OldTimer and save to your Desktop.
  • Connect to the Internet and double-click on OTMoveIt.exe to launch the program
  • Click on the CleanUp! button.
  • When you do this a text file named cleanup.txt will be downloaded from the Internet.
  • If you get a warning from your firewall or other security programs regarding OTMoveIt attempting to contact the Internet you should allow it to do so.
  • After the text file has been downloaded, you will be asked if you want to Begin cleanup process?
  • Select Yes.

Other malware was found in your System Volume Information Folder (SVI) which is a part of System Restore. This is the feature that allows you to set points in time to roll back your computer to a clean working state. The SVI folder is protected by permissions that only allow the system to have access and is hidden by default unless you have reconfigured Windows to show it.

System Restore will back up the good as well as the bad files so when malware is present on the system it gets included in any restore points. When you scan your system with anti-virus or anti-malware tools, you may receive an alert or notification that a virus was found in the System Volume Information folder (System Restore points) but the anti-virus software was unable to remove it. Since the System Volume Information folder is a protected directory, most scanning tools cannot access it to disinfect or delete these files. If not removed, they sometimes can reinfect your system if you accidentally use an old restore point.

To fix this, you need to Create a New Restore Point to enable your computer to "roll-back" to a clean working state and use Disk Cleanup to remove all but the most recent restore point.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

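The split described in the reply above (quarantined copies, System Restore copies, everything else) can be checked mechanically. The following Python script is an added example, not part of the post or of any tool named in this thread; the sample lines are excerpted from the Ad-Aware log posted earlier in the thread, and the function names and category labels are this example's own.

```python
import re
from collections import Counter, defaultdict

# Excerpt of the "Cleaned Infections" section of the Ad-Aware log in this thread.
SAMPLE_LOG = r"""
Cleaned Infections
===========================
File: C:\Program Files\TTC.dll, Belonging to Adware.TTC
File: C:\qoobox\Quarantine\C\WINDOWS\TTC-4444.exe.vir, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP37\A0004863.exe, Belonging to Adware.TTC
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP39\A0005148.dll, Belonging to Adware.TTC
Root: HKLM Path: SOFTWARE\Microsoft\Security Center Value: AntiVirusOverride Data: 1, Belonging to Win32.Trojan.Agent
File: C:\qoobox\Quarantine\C\Program Files\MSN\ladu.dll.vir, Belonging to Win32.Trojan.Agent
File: C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP38\A0005048.dll, Belonging to Win32.Trojan.Agent
File: C:\WINDOWS\fkwggshm.exe, Belonging to Win32.TrojanDownloader.VB
File: C:\WINDOWS\system32\dj2\axebmbrpl6.exe, Belonging to Win32.TrojanDownloader.Obfuscated
Browser: Internet Explorer Cookie: C:\Documents and Settings\LocalService\Cookies\index.dat doubleclick.net id /, Belonging to Tracking Cookie
"""

# Copies already moved aside into the qoobox quarantine folder.
QUARANTINE_RE = re.compile(r"^[a-z]:\\qoobox\\quarantine\\", re.I)
# Copies held inside a System Restore point (RPnn) under System Volume Information.
RESTORE_RE = re.compile(
    r"^[a-z]:\\system volume information\\_restore\{[0-9a-f-]+\}\\(rp\d+)\\", re.I
)


def parse_entries(log_text):
    """Return one dict per '<kind>: <target>, Belonging to <family>' line."""
    entries = []
    for line in log_text.splitlines():
        head, sep, family = line.strip().rpartition(", Belonging to ")
        if not sep:
            continue  # section headers, separators, blank lines
        kind, sep, target = head.partition(": ")
        if sep:
            entries.append({"kind": kind, "target": target, "family": family})
    return entries


def classify(path):
    """Map a file path to (location, restore_point_or_None)."""
    if QUARANTINE_RE.match(path):
        return "quarantined", None
    match = RESTORE_RE.match(path)
    if match:
        return "restore_point", match.group(1).upper()
    return "live", None  # anywhere else in the normal file system


def triage(log_text):
    """Summarise where the flagged files sit and which restore points hold copies."""
    locations = Counter()
    restore_points = set()
    live_by_family = defaultdict(list)
    non_file = Counter()
    for entry in parse_entries(log_text):
        if entry["kind"] != "File":
            non_file[entry["kind"]] += 1  # registry values, cookies, processes
            continue
        location, rp = classify(entry["target"])
        locations[location] += 1
        if rp:
            restore_points.add(rp)
        if location == "live":
            live_by_family[entry["family"]].append(entry["target"])
    return {
        "locations": dict(locations),
        "restore_points": sorted(restore_points),
        "live_by_family": dict(live_by_family),
        "non_file": dict(non_file),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("File entries by location:", report["locations"])
    print("Restore points holding flagged copies:", report["restore_points"])
    for family, paths in report["live_by_family"].items():
        for path in paths:
            print(f"outside quarantine/restore: {path} ({family})")
```

Entries in the `live` bucket are the ones worth confirming are gone on a rescan; the restore points listed are the ones the Disk Cleanup step is meant to clear.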

#4 daazndrgon

Posted 28 December 2007 - 09:32 PM

I just ran OTMoveIt and it deleted some stuff along with the program itself. Is that normal? And whenever I turn on my computer it says explorer.exe is not ready.
I think I still have the trojandownloader.xs. Here is the Kaspersky Log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, December 28, 2007 8:16:10 PM
Operating System: Microsoft Windows XP Professional, (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 29/12/2007
Kaspersky Anti-Virus database records: 499353
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 32390
Number of viruses found: 6
Number of infected objects: 92
Number of suspicious objects: 0
Duration of the scan process: 00:44:19

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\cert8.db Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\history.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\key3.db Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\parent.lock Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Quiet Boy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-2afc8601-6e878915.zip/vmain.class Infected: Exploit.Java.Gimsh.b skipped
C:\Documents and Settings\Quiet Boy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-2afc8601-6e878915.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Quiet Boy\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ae4c161m.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\History\History.IE5\MSHist012007122820071229\index.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX10.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX13.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX16.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX19.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX1C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX1F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX22.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX25.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX2B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX2E.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX3.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX3D.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX40.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX43.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX46.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX49.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX4C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX4F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX5B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX6.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX72.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX75.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX78.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX7B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX7E.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX81.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX84.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX9.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCX90.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXA7.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXAA.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXAD.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXB0.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXB3.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXB6.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXB9.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXC5.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temp\RCXD.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Quiet Boy\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\ntuser.dat Object is locked skipped
C:\Documents and Settings\Quiet Boy\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\BroadJump\Client Foundation\CFD.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\bm.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Common Files\SpyGuardPro\ugac.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\iTunes\iTunesHelper.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask .exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\QuickTime\qttask.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Real\RealPlayer\RealPlay.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\SBC Self Support Tool\log\mpbtn.log Object is locked skipped
C:\Program Files\SBC Self Support Tool\SmartBridge\AlertFilter.log Object is locked skipped
C:\Program Files\SBC Self Support Tool\SmartBridge\log\httpclient.log Object is locked skipped
C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\SBC Self Support Tool\SmartBridge\SmartBridge.log Object is locked skipped
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Yahoo!\browser\ybrwicon.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\Yahoo!\YOP\yop.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007448.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007449.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007450.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007451.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007452.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007453.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007454.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007455.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007456.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007457.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007458.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007459.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007460.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007462.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007463.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007465.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\A0007476.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{4D1EA537-07A0-4DCC-8795-8E6BEDABE46C}\RP50\change.log Object is locked skipped
C:\WINDOWS\Debug\oakley.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\mrofinu77.exe.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{46AF79CC-CB97-4A20-B41C-066691C56A5C}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\SOUNDMAN.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\system32\0.633114.exe Infected: Trojan-Downloader.Win32.VB.bzi skipped
C:\WINDOWS\system32\ardCo02\ardCo021099.exe Infected: Trojan-Downloader.Win32.VB.caw skipped
C:\WINDOWS\system32\bbc9\xoppzwb91.exe Infected: not-a-virus:AdWare.Win32.Agent.co skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\mlljh.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\system32\RCX40.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\system32\RCX43.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\winshow .exe Infected: Trojan-Downloader.Win32.VB.bvj skipped

Scan process completed.

Edited by daazndrgon, 28 December 2007 - 11:18 PM.


#5 quietman7


Posted 29 December 2007 - 12:48 AM

I just ran the OTMoveIt and it deleted some stuff along with the program itself. Is that normal?

Yes, it's a cleanup utility.

Now please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. If you can't perform a step, then skip and continue with the next. In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install the current version of HJT in the proper location.) If using Windows Vista, be sure to Run As Administrator.

When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, we would appreciate it if you post a link to your log back here so we know that you're getting help from the HJT Team.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
