Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search redirects in IE and Chrome and Norton detects trojan horse


  • This topic is locked This topic is locked
3 replies to this topic

#1 aviatorbja

aviatorbja

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:20 PM

Posted 10 December 2009 - 06:23 AM

I've tried webroot spysweeper, norton antiVirus and 360 and a few others. I have used Malwarebyte's antimalware to remove Vundo a few days ago. However, I Cannnot seem to stop this virus.
IE and chrome searches are randomly redirected to ad sites. Below are DDS Log and the Norton log text files. I've also attached the Attach.txt file as directed.

I've tried running the RootRepeal scan overnight, but the program hangs and never finishes.
Any help would be greatly appreciated. Thanks!

DDS (Ver_09-12-01.01) - NTFSx86
Run by Brian at 18:52:05.52 on Wed 12/09/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.638 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\ehome\ehRecvr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Brian\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.5.2.11\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\brian\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [SpySweeper] "c:\program files\webroot\webrootsecurity\SpySweeperUI.exe" /startintray
dRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: aol.com\free
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
Trusted Zone: turbotax.com
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://myvpn.ford.com/dana-cached/sc/JuniperSetupClient.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.5.2.11\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: kujejato.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SecurityProviders: credssp.dll, msansspc.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
IFEO: image file execution options - svchost.exe
IFEO: brastk.exe - svchost.exe

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-10-25 28552]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2009-11-6 29808]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0305020.00b\SymEFA.sys [2009-12-2 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0305020.00b\BHDrvx86.sys [2009-12-2 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0305020.00b\cchpx86.sys [2009-12-2 482432]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091111.001\IDSvix86.sys [2009-12-1 343088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-12-2 102448]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2008-9-10 1399552]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0305020.00b\symndisv.sys [2009-12-2 48688]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680]

=============== Created Last 30 ================

2009-12-08 12:01:24 1563008 ----a-w- c:\windows\WRSetup.dll
2009-12-08 12:01:24 0 d-----w- c:\users\brian\appdata\roaming\Webroot
2009-12-08 12:01:24 0 d-----w- c:\programdata\Webroot
2009-12-08 11:19:48 0 d--h--w- c:\windows\PIF
2009-12-08 11:16:00 0 d-----w- c:\users\brian\appdata\roaming\Desktopicon
2009-12-08 11:15:58 0 d-----w- c:\program files\Unlocker
2009-12-07 23:14:12 0 ---ha-w- C:\ProgramData.LOG2
2009-12-07 23:14:12 0 ---ha-w- C:\ProgramData.LOG1
2009-12-07 22:56:14 0 d-----w- c:\program files\Ask.com
2009-12-07 22:55:36 0 d-----w- c:\program files\MSSOAP
2009-12-07 22:55:36 0 d-----w- c:\program files\common files\MSSoap
2009-12-07 22:55:16 0 d-----w- c:\program files\Webroot
2009-12-07 22:54:59 164 ----a-w- c:\windows\install.dat
2009-12-07 18:00:59 0 d-sh--w- c:\windows\system32\lowsec
2009-12-06 21:45:59 0 d-----w- c:\program files\Windows Portable Devices
2009-12-06 21:45:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-12-06 21:45:14 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-06 21:42:54 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-06 21:42:52 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-06 21:42:52 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-06 21:42:04 258048 ----a-w- c:\windows\system32\winspool.drv
2009-12-06 21:42:01 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-12-06 21:40:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-12-06 21:39:59 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-06 21:39:59 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-06 21:39:59 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-06 21:37:00 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-12-06 21:36:18 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-06 21:36:16 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-06 21:35:23 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-12-06 21:35:20 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-06 15:39:54 0 d-----w- c:\users\brian\appdata\roaming\Malwarebytes
2009-12-06 15:39:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-06 15:39:46 0 d-----w- c:\programdata\Malwarebytes
2009-12-06 15:39:45 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-06 15:39:45 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-06 14:07:47 0 d-----r- c:\program files\Norton Support
2009-12-02 02:12:22 23848 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-12-02 02:12:22 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-12-02 02:12:21 0 d-----w- c:\programdata\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2009-12-02 02:12:10 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-12-02 02:12:00 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-02 02:12:00 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-02 02:12:00 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-02 02:12:00 0 d-----w- c:\program files\Symantec
2009-12-02 02:11:10 0 d-----w- c:\windows\system32\drivers\N360
2009-12-02 02:11:05 0 d-----w- c:\program files\Norton 360
2009-12-02 02:06:29 0 d-----w- c:\programdata\PCSettings
2009-12-02 02:02:57 0 d-----w- c:\users\brian\appdata\roaming\GetRightToGo
2009-11-29 01:37:24 0 d-----w- c:\program files\iPod
2009-11-29 01:37:23 0 d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-27 15:20:13 0 d-----w- c:\users\brian\appdata\roaming\LEGO Company
2009-11-27 15:15:43 0 d-----w- c:\program files\LEGO Company
2009-11-13 02:30:20 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-13 02:29:36 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-13 02:29:31 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-11-13 02:29:31 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-11 04:08:24 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2009-11-11 04:08:24 69632 ----a-w- c:\windows\system32\QuickTime.qts

==================== Find3M ====================

2009-12-07 01:04:17 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-06 21:45:56 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-06 21:45:55 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-12-06 21:45:55 143360 ----a-w- c:\windows\inf\infstor.dat
2009-11-27 22:00:01 20 ---h--w- c:\programdata\PKP_DLec.DAT
2009-11-27 22:00:01 20 ---h--w- c:\programdata\PKP_DLds.DAT
2009-11-06 17:00:36 23152 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2009-11-06 17:00:36 176752 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2009-11-06 17:00:34 29808 ----a-w- c:\windows\system32\drivers\ssfs0bbc.sys
2009-11-01 01:44:55 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-10-26 01:33:09 782336 ----a-w- c:\windows\system32\ce78.dll
2009-10-01 14:29:14 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:54 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01:50 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01:49 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01:49 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-25 02:10:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07:08 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04:32 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48:08 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38:29 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36:13 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35:31 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33:25 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33:15 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:32:59 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31:53 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31:26 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31:21 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31:19 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31:16 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31:15 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30:23 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30:23 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27:04 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27:04 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27:04 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54:53 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54:52 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2008-08-10 13:42:31 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2008-08-13 01:12:01 22 --sha-w- c:\windows\sminst\HPCD.sys
2007-08-16 02:32:55 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 18:54:29.49 ===============


Here is the Norton log:
Category: Resolved Security Risks
Date & Time,Severity,Activity,Status,Recommended Action,Risk Category,Definitions Version,Component,File Name,ERASER Version,Risk Name,Risk Type,Risk State
12/10/2009 6:09 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\aant.tmp\svchost.exe,,,,
12/10/2009 6:03 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\bkiw.tmp\svchost.exe,,,,
12/10/2009 5:57 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\dgja.tmp\svchost.exe,,,,
12/10/2009 5:51 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\rlpc.tmp\svchost.exe,,,,
12/10/2009 5:46 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\cbkh.tmp\svchost.exe,,,,
12/10/2009 5:40 AM,High,Auto-Protect has detected Trojan Horse,"Blocked, Blocked",Resolved - No Action,Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\aupq.tmp\svchost.exe,,,,
12/10/2009 5:34 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\mfxh.tmp\svchost.exe,,,,
12/10/2009 5:29 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\ugbe.tmp\svchost.exe,,,,
12/10/2009 5:23 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\fovh.tmp\svchost.exe,,,,
12/10/2009 5:17 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\ysgc.tmp\svchost.exe,,,,
12/10/2009 5:11 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\gnbp.tmp\svchost.exe,,,,
12/10/2009 5:06 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\onlu.tmp\svchost.exe,,,,
12/10/2009 5:00 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\lrut.tmp\svchost.exe,,,,
12/10/2009 4:54 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\ugpo.tmp\svchost.exe,,,,
12/10/2009 4:48 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\gojm.tmp\svchost.exe,,,,
12/10/2009 4:43 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\slum.tmp\svchost.exe,,,,
12/10/2009 4:37 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\hgly.tmp\svchost.exe,,,,
12/10/2009 4:31 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\nsqj.tmp\svchost.exe,,,,
12/10/2009 4:25 AM,High,Auto-Protect has detected Suspicious.MH690.A,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,c:\windows\temp\lfpi.tmp\svchost.exe,,,,
12/10/2009 4:21 AM,High,Suspicious.MH690.A detected by Auto-Protect,Quarantined,Resolved - No Action,Heuristic Virus,2009.12.09.041,Auto-Protect,,109.2.3.12,Suspicious.MH690.A,File Based,Fully removed
12/9/2009 5:33 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Cookie,2009.12.08.041,Virus scanner,,109.2.2.4,Tracking Cookie,File Based,Partially removed
12/6/2009 12:51 PM,High,Trojan.Vundo!gen2 detected by Auto-Protect,Quarantined,Resolved - No Action,Heuristic Virus,2009.12.06.005,Auto-Protect,,109.2.2.4,Trojan.Vundo!gen2,File Based,Fully removed
12/6/2009 9:00 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\infc.tmp\svchost.exe,,,,
12/6/2009 8:55 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\nudw.tmp\svchost.exe,,,,
12/6/2009 8:49 AM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Cookie,2009.12.05.021,Virus scanner,,109.2.2.4,Tracking Cookie,File Based,Fully removed
12/6/2009 8:49 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\kdbp.tmp\svchost.exe,,,,
12/6/2009 8:43 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\omcf.tmp\svchost.exe,,,,
12/6/2009 8:37 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\gbjp.tmp\svchost.exe,,,,
12/6/2009 8:32 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hnwv.tmp\svchost.exe,,,,
12/6/2009 8:26 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\crfs.tmp\svchost.exe,,,,
12/6/2009 8:20 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\onbt.tmp\svchost.exe,,,,
12/6/2009 8:15 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cpui.tmp\svchost.exe,,,,
12/6/2009 8:09 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\qtgs.tmp\svchost.exe,,,,
12/6/2009 8:03 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\uamo.tmp\svchost.exe,,,,
12/6/2009 7:57 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\bpel.tmp\svchost.exe,,,,
12/6/2009 7:52 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\brfm.tmp\svchost.exe,,,,
12/6/2009 7:46 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\kphy.tmp\svchost.exe,,,,
12/6/2009 7:40 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\qmgn.tmp\svchost.exe,,,,
12/6/2009 7:34 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\fwte.tmp\svchost.exe,,,,
12/6/2009 7:29 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\jiqp.tmp\svchost.exe,,,,
12/6/2009 7:23 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\fnkk.tmp\svchost.exe,,,,
12/6/2009 7:17 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rifp.tmp\svchost.exe,,,,
12/6/2009 7:12 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\jwqk.tmp\svchost.exe,,,,
12/6/2009 7:06 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ejbh.tmp\svchost.exe,,,,
12/6/2009 7:00 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vkpf.tmp\svchost.exe,,,,
12/6/2009 6:54 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\tygf.tmp\svchost.exe,,,,
12/6/2009 6:49 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\thae.tmp\svchost.exe,,,,
12/6/2009 6:43 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\mxjc.tmp\svchost.exe,,,,
12/6/2009 6:37 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\juwk.tmp\svchost.exe,,,,
12/6/2009 6:31 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cdcj.tmp\svchost.exe,,,,
12/6/2009 6:26 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ghcu.tmp\svchost.exe,,,,
12/6/2009 6:20 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\byde.tmp\svchost.exe,,,,
12/6/2009 6:14 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vulr.tmp\svchost.exe,,,,
12/6/2009 6:09 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\qshp.tmp\svchost.exe,,,,
12/6/2009 6:03 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cwbe.tmp\svchost.exe,,,,
12/6/2009 5:57 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cpux.tmp\svchost.exe,,,,
12/6/2009 5:51 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rqej.tmp\svchost.exe,,,,
12/6/2009 5:46 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\lijh.tmp\svchost.exe,,,,
12/6/2009 5:40 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\scqa.tmp\svchost.exe,,,,
12/6/2009 5:34 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\sbbm.tmp\svchost.exe,,,,
12/6/2009 5:29 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\apsy.tmp\svchost.exe,,,,
12/6/2009 5:23 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\uhbn.tmp\svchost.exe,,,,
12/6/2009 5:17 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\edia.tmp\svchost.exe,,,,
12/6/2009 5:11 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\xcxn.tmp\svchost.exe,,,,
12/6/2009 5:06 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rdse.tmp\svchost.exe,,,,
12/6/2009 5:00 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\kdle.tmp\svchost.exe,,,,
12/6/2009 4:54 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\nenx.tmp\svchost.exe,,,,
12/6/2009 4:49 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vtlu.tmp\svchost.exe,,,,
12/6/2009 4:43 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\bjpp.tmp\svchost.exe,,,,
12/6/2009 4:37 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\iyxm.tmp\svchost.exe,,,,
12/6/2009 4:31 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\weje.tmp\svchost.exe,,,,
12/6/2009 4:26 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\jlqr.tmp\svchost.exe,,,,
12/6/2009 4:20 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ndsk.tmp\svchost.exe,,,,
12/6/2009 4:14 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\keyw.tmp\svchost.exe,,,,
12/6/2009 4:09 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\bvau.tmp\svchost.exe,,,,
12/6/2009 4:03 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ggpd.tmp\svchost.exe,,,,
12/6/2009 3:57 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\otkw.tmp\svchost.exe,,,,
12/6/2009 3:51 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ggkf.tmp\svchost.exe,,,,
12/6/2009 3:46 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\nasl.tmp\svchost.exe,,,,
12/6/2009 3:40 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\pkot.tmp\svchost.exe,,,,
12/6/2009 3:34 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ynsf.tmp\svchost.exe,,,,
12/6/2009 3:29 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\bgkl.tmp\svchost.exe,,,,
12/6/2009 3:23 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hscy.tmp\svchost.exe,,,,
12/6/2009 3:17 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cvbq.tmp\svchost.exe,,,,
12/6/2009 3:11 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cfdy.tmp\svchost.exe,,,,
12/6/2009 3:06 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\fhxu.tmp\svchost.exe,,,,
12/6/2009 3:00 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\swyi.tmp\svchost.exe,,,,
12/6/2009 2:54 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\wdli.tmp\svchost.exe,,,,
12/6/2009 2:48 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hcal.tmp\svchost.exe,,,,
12/6/2009 2:43 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\icxf.tmp\svchost.exe,,,,
12/6/2009 2:37 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\clek.tmp\svchost.exe,,,,
12/6/2009 2:31 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\msxb.tmp\svchost.exe,,,,
12/6/2009 2:26 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\awuy.tmp\svchost.exe,,,,
12/6/2009 2:20 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\wqcd.tmp\svchost.exe,,,,
12/6/2009 2:14 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vhae.tmp\svchost.exe,,,,
12/6/2009 2:08 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\nlla.tmp\svchost.exe,,,,
12/6/2009 2:03 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\oiaj.tmp\svchost.exe,,,,
12/6/2009 1:57 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\mwle.tmp\svchost.exe,,,,
12/6/2009 1:51 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hrnx.tmp\svchost.exe,,,,
12/6/2009 1:46 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\idbi.tmp\svchost.exe,,,,
12/6/2009 1:40 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\smrs.tmp\svchost.exe,,,,
12/6/2009 1:34 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\adrq.tmp\svchost.exe,,,,
12/6/2009 1:28 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cxqs.tmp\svchost.exe,,,,
12/6/2009 1:23 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ftmw.tmp\svchost.exe,,,,
12/6/2009 1:17 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\npll.tmp\svchost.exe,,,,
12/6/2009 1:11 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\yqgi.tmp\svchost.exe,,,,
12/6/2009 1:06 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\tsik.tmp\svchost.exe,,,,
12/6/2009 1:00 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\xyui.tmp\svchost.exe,,,,
12/6/2009 12:54 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\svms.tmp\svchost.exe,,,,
12/6/2009 12:48 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cocf.tmp\svchost.exe,,,,
12/6/2009 12:43 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\djda.tmp\svchost.exe,,,,
12/6/2009 12:37 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vmtn.tmp\svchost.exe,,,,
12/6/2009 12:31 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\cxvw.tmp\svchost.exe,,,,
12/6/2009 12:25 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\dqua.tmp\svchost.exe,,,,
12/6/2009 12:20 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\tkkd.tmp\svchost.exe,,,,
12/6/2009 12:14 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\krba.tmp\svchost.exe,,,,
12/6/2009 12:08 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\alcg.tmp\svchost.exe,,,,
12/6/2009 12:02 AM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ilck.tmp\svchost.exe,,,,
12/5/2009 11:57 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\stvq.tmp\svchost.exe,,,,
12/5/2009 11:51 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\lnta.tmp\svchost.exe,,,,
12/5/2009 11:45 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\iliw.tmp\svchost.exe,,,,
12/5/2009 11:39 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\dctm.tmp\svchost.exe,,,,
12/5/2009 11:34 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\wdxt.tmp\svchost.exe,,,,
12/5/2009 11:28 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\jkrl.tmp\svchost.exe,,,,
12/5/2009 11:22 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\pyxq.tmp\svchost.exe,,,,
12/5/2009 11:17 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\lukj.tmp\svchost.exe,,,,
12/5/2009 11:11 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\wynb.tmp\svchost.exe,,,,
12/5/2009 11:05 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\xsao.tmp\svchost.exe,,,,
12/5/2009 10:59 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\qvnu.tmp\svchost.exe,,,,
12/5/2009 10:54 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\tjtl.tmp\svchost.exe,,,,
12/5/2009 10:48 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rppr.tmp\svchost.exe,,,,
12/5/2009 10:42 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hxqb.tmp\svchost.exe,,,,
12/5/2009 10:36 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hnky.tmp\svchost.exe,,,,
12/5/2009 10:31 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rcui.tmp\svchost.exe,,,,
12/5/2009 10:25 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\xnnc.tmp\svchost.exe,,,,
12/5/2009 10:19 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\modw.tmp\svchost.exe,,,,
12/5/2009 10:14 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\eadn.tmp\svchost.exe,,,,
12/5/2009 10:08 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\hjeh.tmp\svchost.exe,,,,
12/5/2009 10:02 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\uetj.tmp\svchost.exe,,,,
12/5/2009 9:56 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\yuys.tmp\svchost.exe,,,,
12/5/2009 9:51 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\eniq.tmp\svchost.exe,,,,
12/5/2009 9:45 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\jgbx.tmp\svchost.exe,,,,
12/5/2009 9:39 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\ufwf.tmp\svchost.exe,,,,
12/5/2009 9:34 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vmbx.tmp\svchost.exe,,,,
12/5/2009 9:28 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\eqmo.tmp\svchost.exe,,,,
12/5/2009 9:22 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\wlwq.tmp\svchost.exe,,,,
12/5/2009 9:16 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\pesn.tmp\svchost.exe,,,,
12/5/2009 9:11 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\rppu.tmp\svchost.exe,,,,
12/5/2009 9:05 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\bwpn.tmp\svchost.exe,,,,
12/5/2009 8:59 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\vwyo.tmp\svchost.exe,,,,
12/5/2009 8:54 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.021,Auto-Protect,c:\windows\temp\dfmh.tmp\svchost.exe,,,,
12/5/2009 8:48 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\pppf.tmp\svchost.exe,,,,
12/5/2009 8:42 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\kwaj.tmp\svchost.exe,,,,
12/5/2009 8:36 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ukob.tmp\svchost.exe,,,,
12/5/2009 8:31 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dotk.tmp\svchost.exe,,,,
12/5/2009 8:25 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\llyd.tmp\svchost.exe,,,,
12/5/2009 8:19 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\cocl.tmp\svchost.exe,,,,
12/5/2009 8:13 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ugwf.tmp\svchost.exe,,,,
12/5/2009 8:08 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\rkbv.tmp\svchost.exe,,,,
12/5/2009 8:02 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\xyam.tmp\svchost.exe,,,,
12/5/2009 7:56 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\aouo.tmp\svchost.exe,,,,
12/5/2009 7:51 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\gbvj.tmp\svchost.exe,,,,
12/5/2009 7:45 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ckxg.tmp\svchost.exe,,,,
12/5/2009 7:39 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\eqjl.tmp\svchost.exe,,,,
12/5/2009 7:33 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ywfs.tmp\svchost.exe,,,,
12/5/2009 7:28 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dhvs.tmp\svchost.exe,,,,
12/5/2009 7:22 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nfyu.tmp\svchost.exe,,,,
12/5/2009 7:16 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\bjeo.tmp\svchost.exe,,,,
12/5/2009 7:10 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\lyhc.tmp\svchost.exe,,,,
12/5/2009 7:05 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\efbt.tmp\svchost.exe,,,,
12/5/2009 6:59 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ptst.tmp\svchost.exe,,,,
12/5/2009 6:53 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\lawk.tmp\svchost.exe,,,,
12/5/2009 6:48 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\tsvh.tmp\svchost.exe,,,,
12/5/2009 6:42 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ucxh.tmp\svchost.exe,,,,
12/5/2009 6:36 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\fhhy.tmp\svchost.exe,,,,
12/5/2009 6:30 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\jvyx.tmp\svchost.exe,,,,
12/5/2009 6:25 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\cwrr.tmp\svchost.exe,,,,
12/5/2009 6:19 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\xlcn.tmp\svchost.exe,,,,
12/5/2009 6:13 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\loxi.tmp\svchost.exe,,,,
12/5/2009 6:08 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\gubx.tmp\svchost.exe,,,,
12/5/2009 6:02 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\vwjl.tmp\svchost.exe,,,,
12/5/2009 5:56 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ddyu.tmp\svchost.exe,,,,
12/5/2009 5:50 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\efxt.tmp\svchost.exe,,,,
12/5/2009 5:45 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nikc.tmp\svchost.exe,,,,
12/5/2009 5:39 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\prjk.tmp\svchost.exe,,,,
12/5/2009 5:33 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\pino.tmp\svchost.exe,,,,
12/5/2009 5:27 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\mtiw.tmp\svchost.exe,,,,
12/5/2009 5:22 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\niim.tmp\svchost.exe,,,,
12/5/2009 5:16 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\tcfm.tmp\svchost.exe,,,,
12/5/2009 5:10 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\qitv.tmp\svchost.exe,,,,
12/5/2009 5:05 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\jlwy.tmp\svchost.exe,,,,
12/5/2009 4:59 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\qxgq.tmp\svchost.exe,,,,
12/5/2009 4:53 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\huct.tmp\svchost.exe,,,,
12/5/2009 4:47 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\pwkt.tmp\svchost.exe,,,,
12/5/2009 4:42 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\eart.tmp\svchost.exe,,,,
12/5/2009 4:36 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dwki.tmp\svchost.exe,,,,
12/5/2009 4:30 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dvck.tmp\svchost.exe,,,,
12/5/2009 4:24 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\sdof.tmp\svchost.exe,,,,
12/5/2009 4:19 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nayn.tmp\svchost.exe,,,,
12/5/2009 4:13 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\csnc.tmp\svchost.exe,,,,
12/5/2009 4:07 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\obuw.tmp\svchost.exe,,,,
12/5/2009 4:01 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\yhwf.tmp\svchost.exe,,,,
12/5/2009 3:56 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dmpv.tmp\svchost.exe,,,,
12/5/2009 3:50 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\dkxb.tmp\svchost.exe,,,,
12/5/2009 3:44 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nycl.tmp\svchost.exe,,,,
12/5/2009 3:38 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\gafy.tmp\svchost.exe,,,,
12/5/2009 3:33 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\mcbi.tmp\svchost.exe,,,,
12/5/2009 3:27 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\fogf.tmp\svchost.exe,,,,
12/5/2009 3:21 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\lsmx.tmp\svchost.exe,,,,
12/5/2009 3:15 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\mjst.tmp\svchost.exe,,,,
12/5/2009 3:10 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\luto.tmp\svchost.exe,,,,
12/5/2009 3:04 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ldcs.tmp\svchost.exe,,,,
12/5/2009 2:58 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ikpj.tmp\svchost.exe,,,,
12/5/2009 2:52 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\vbay.tmp\svchost.exe,,,,
12/5/2009 2:47 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nbiu.tmp\svchost.exe,,,,
12/5/2009 2:41 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\wmfn.tmp\svchost.exe,,,,
12/5/2009 2:35 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\gymo.tmp\svchost.exe,,,,
12/5/2009 2:29 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\etpp.tmp\svchost.exe,,,,
12/5/2009 2:24 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\wkty.tmp\svchost.exe,,,,
12/5/2009 2:18 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\ijhh.tmp\svchost.exe,,,,
12/5/2009 2:12 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\oggl.tmp\svchost.exe,,,,
12/5/2009 2:07 PM,High,Auto-Protect has detected Trojan.Vundo!gen2,"Blocked, Blocked",Resolved - No Action,Heuristic Virus,2009.12.05.006,Auto-Protect,c:\windows\temp\nsit.tmp\svchost.exe,,,,

Attached Files



BC AdBot (Login to Remove)

 


#2 Ried

Ried

  • Malware Response Team
  • 1,009 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 PM

Posted 15 December 2009 - 11:25 PM

Hello aviatorbja,

If you still require assistance, please download gmer from here and save it to your desktop.

Right click to run as administrator.
  • An initial scan will automatically begin.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.


    Posted Image
    Click the image to enlarge it


  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries



Please attach the ark.txt in your next reply along with a fresh dds.txt.

Microsoft MVP - Consumer Security 2010, 2011, 2012

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."


#3 aviatorbja

aviatorbja
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:20 PM

Posted 17 December 2009 - 06:48 AM

Ried, thanks very much for your reply. I ended up downloading Kaspersky Anti Virus and it found and removed a rootkit virus.

I will now be backing up my system and re-installing my OS.

thanks again. I have learned a lot from this forum. this issue can be closed.


-Brian

#4 Ried

Ried

  • Malware Response Team
  • 1,009 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:20 PM

Posted 17 December 2009 - 11:08 PM

Thanks for letting me know, Brian. Often times a reformat and reinstall is the safest solution going forward.

Take care, and remember to Think Prevention. Posted Image

Microsoft MVP - Consumer Security 2010, 2011, 2012

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users