Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Generic Host Process for Win32 Services shutdown


  • Please log in to reply
23 replies to this topic

#1 mmason

mmason

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 17 July 2011 - 10:10 AM

This problem is occurring on a desktop computer owned by my girlfriend's mother:

What Happens:

When the computer is started, the sound functions normally (U-tube videos, etc).
After the computer has been running a while (anywhere from 10 minutes to an hour), the following message appears in a grey box in the middle of the screen:

Generic host process for win 32 services has encountered a problem and has shut down.

After this, the sound is disabled on the computer. Control Panel - Sounds and Audio Devices: has the volume control and several check boxes greyed-out and inaccessible.


What we have done:


  • Run MalwareBytes, SuperAntiSpyware, and AVG scans. Malware was found and removed without helping the above problem.
  • Run CCleaner, removed temp files and repaired registry.
  • Typed problem into Google, found several things to try:
  • Reset Winsock
  • Found a suggestion to update windows, Found that Windows will not update. When attempting to run windows update from Start Menu, Internet Explorer, or Control Panel, IE starts, the address bar indicates that explorer is being directed to a microsoft update web page, but the main explorer window displays a "cannot display page" error (same error you receive if not connected to the internet). All other web sites are accessible.
  • Tried several procedures from http://support.microsoft.com:
  • http://support.microsoft.com/kb/943144 (windows update agent, microsoft fix it 50597, register Wups2.dll file)
  • http://support.microsoft.com/kb/914226 (rename and repopulate? the files regsver32 /u wuweb.dll and iuengine.dll per the microsoft procedure) both files repopulated upon computer restart, never could find Iucti.dll
  • Renamed: Svchost. to Svchost.exe
  • There is a folder in the program files entitled "windows updates" which is empty.
  • We then found bleepingcomputer.com (a suggestion from my company's IT dept). Ran Rkill and tried to update windows unsuccessfully with the same "cannot display page" problem as above. Rkill only found grpconv.exe and dwwin.exe, both of which I googled and found to be harmless normal programs.
  • Ran Unhide.exe without any apparent changes to the computer.

Both problems (Sound shuts down and windows will not update) still exist.

Computer:

about 4-7 year old HP/Compaq desktop
Windows XP professional 5.1.2600 Service Pack 3 build 2600


Additional History:
  • Computer is in a household where it is also used by 2 granddaughters, ages 9 & 14. They surf the internet like kids: they swear that they never agree to install anything but every time I look at the computer there are more menu bars added to internet explorer, etc.
  • Before I came upon the scene, Norton was switched off to speed up the operation. Virus and malware became an issue after this.
  • The computer has had several of the 'fake antivirus' viruses, twice it was taken to a computer shop to correct. The first time Microsoft Security Essentials was installed, but it would not automatically update. The second time AVG was installed and is still running OK.
  • The computer shop looked at but did not fix the above problem with Win32 shutting down and disabling the sound.
  • The owner's husband has solved several virus related computer problems by performing system restores to previous dates. Sometimes he picks dates in the distant past.
  • He now runs MalwareBytes,SuperAntiSpyware, and AVG scans several times a week.

Thank you very much for this web site,

Mark

Edited by hamluis, 17 July 2011 - 12:07 PM.
Moved from XP to Am I Infected.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 17 July 2011 - 10:56 AM

Welcome aboard Posted Image

You may be infected with a rootkit.

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 18 July 2011 - 01:12 PM

Broni,

Thanks for the quick help. I am now visiting the infected computer (they live on the other side of town). I have run the first 3 scans and would like to post them now (since I have to leave to return to work). The GMER will be running this afternoon.

Security Check:

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
AVG 2011
Microsoft Security Essentials
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Java™ 6 Update 23
Out of date Java installed!
Adobe Flash Player 10.0.42.34
Adobe Reader 9.4.5
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

WinPatrol winpatrol.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
BillP Studios WinPatrol winpatrol.exe
``````````End of Log````````````


MiniToolBox:

MiniToolBox by Farbar
Ran by Compaq_Administrator (administrator) on 18-07-2011 at 12:19:38
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : your-4dacd0ea75 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : NoEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : NVIDIA nForce Networking Controller Physical Address. . . . . . . . . : 00-18-F3-AD-A0-59 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.1.144 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 208.180.42.100 208.180.42.68 NetBIOS over Tcpip. . . . . . . . : Disabled Lease Obtained. . . . . . . . . . : Monday, July 18, 2011 12:04:54 PM Lease Expires . . . . . . . . . . : Tuesday, July 19, 2011 12:04:54 PMServer: rdns02.suddenlink.net
Address: 208.180.42.100

Name: google.com
Addresses: 74.125.224.112, 74.125.224.113, 74.125.224.114, 74.125.224.115
74.125.224.116

Pinging google.com [74.125.224.114] with 32 bytes of data:Reply from 74.125.224.114: bytes=32 time=74ms TTL=51Reply from 74.125.224.114: bytes=32 time=74ms TTL=51Ping statistics for 74.125.224.114: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 74ms, Maximum = 74ms, Average = 74msServer: rdns02.suddenlink.net
Address: 208.180.42.100

Name: yahoo.com
Addresses: 72.30.2.43, 98.137.149.56, 209.191.122.70, 67.195.160.76
69.147.125.65

Pinging yahoo.com [98.137.149.56] with 32 bytes of data:Reply from 98.137.149.56: bytes=32 time=80ms TTL=50Reply from 98.137.149.56: bytes=32 time=82ms TTL=50Ping statistics for 98.137.149.56: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 80ms, Maximum = 82ms, Average = 81msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 f3 ad a0 59 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.144 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.144 192.168.1.144 20
192.168.1.144 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.144 192.168.1.144 20
224.0.0.0 240.0.0.0 192.168.1.144 192.168.1.144 20
255.255.255.255 255.255.255.255 192.168.1.144 192.168.1.144 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/18/2011 00:15:07 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/18/2011 09:15:08 AM) (Source: Application Error) (User: )
Description: Fault bucket 00000009.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/18/2011 09:14:59 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/17/2011 09:15:36 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/17/2011 08:37:57 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/16/2011 08:42:57 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/16/2011 05:01:32 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (07/16/2011 04:47:50 PM) (Source: Application Error) (User: )
Description: Fault bucket 00000009.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/16/2011 04:28:55 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x001a6f64.
Processing media-specific event for [svchost.exe!ws!]

Error: (07/16/2011 03:55:09 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007041D from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.


System errors:
=============
Error: (07/18/2011 00:05:09 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 00:05:09 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 00:05:09 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 00:05:05 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (07/18/2011 00:05:05 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (07/18/2011 00:02:49 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 00:02:49 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 00:02:49 PM) (Source: 0) (User: )
Description:

Error: (07/18/2011 09:04:59 AM) (Source: 0) (User: )
Description:

Error: (07/18/2011 09:04:59 AM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (07/18/2011 00:15:07 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/18/2011 09:15:08 AM) (Source: Application Error)(User: )
Description: 00000009

Error: (07/18/2011 09:14:59 AM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/17/2011 09:15:36 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/17/2011 08:37:57 AM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/16/2011 08:42:57 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/16/2011 05:01:32 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007041D

Error: (07/16/2011 04:47:50 PM) (Source: Application Error)(User: )
Description: 00000009

Error: (07/16/2011 04:28:55 PM) (Source: Application Error)(User: )
Description: svchost.exe5.1.2600.5512unknown0.0.0.0001a6f64

Error: (07/16/2011 03:55:09 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007041D


========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 958.48 MB
Available physical RAM: 367.43 MB
Total Pagefile: 2312.19 MB
Available Pagefile: 1796.33 MB
Total Virtual: 2047.88 MB
Available Virtual: 1999.63 MB

========================= Partitions: =====================================

1 Drive c: (PRESARIO) (Fixed) (Total:177.74 GB) (Free:139.09 GB) NTFS
2 Drive d: (PRESARIO_RP) (Fixed) (Total:8.56 GB) (Free:0.55 GB) FAT32

========================= Users: ========================================

User accounts for \\

Administrator Compaq_Administrator Guest
HelpAssistant SUPPORT_388945a0 SUPPORT_fddfa904


== End of log ==


MalwareBytes:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7176

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/18/2011 1:04:04 PM
mbam-log-2011-07-18 (13-03-55).txt

Scan type: Quick scan
Objects scanned: 226930
Time elapsed: 41 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 43
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TotalRecipeSearch_14Service (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{df22384f-cf68-4d19-969f-10423715528b} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF22384F-CF68-4D19-969F-10423715528B} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF22384F-CF68-4D19-969F-10423715528B} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF22384F-CF68-4D19-969F-10423715528B} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a0154e07-2b48-475c-a82a-80efd84ea33e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TotalRecipeSearch_14bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ab56dfde-0c14-45b3-9df6-7b0eba617870} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB56DFDE-0C14-45B3-9DF6-7B0EBA617870} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.DynamicBarButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.DynamicBarButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.FeedManager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.FeedManager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLMenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLMenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLPanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.HTMLPanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.MultipleButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.MultipleButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.PseudoTransparentPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.Radio (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.Radio.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.RadioSettings (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.RadioSettings.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ScriptButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ScriptButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.SettingsPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.SettingsPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ThirdPartyInstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ToolbarPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.ToolbarPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.UrlAlertButton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.UrlAlertButton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.XMLSessionPlugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TotalRecipeSearch_14.XMLSessionPlugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\Software\TotalRecipeSearch_14 (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\TotalRecipeSearch_14 (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@TotalRecipeSearch_14.com/Plugin (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{8A7D2060-824D-4B17-B00A-759B1B5F30D9} (Adware.MyWebSearch) -> Value: {8A7D2060-824D-4B17-B00A-759B1B5F30D9} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (Adware.MyWebSearch) -> Value: {A0154E07-2B48-475C-A82A-80EFD84EA33E} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (Adware.MyWebSearch) -> Value: {A0154E07-2B48-475C-A82A-80EFD84EA33E} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A0154E07-2B48-475C-A82A-80EFD84EA33E} (Adware.MyWebSearch) -> Value: {A0154E07-2B48-475C-A82A-80EFD84EA33E} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{8a7d2060-824d-4b17-b00a-759b1b5f30d9} (Adware.MyWebSearch) -> Value: {8a7d2060-824d-4b17-b00a-759b1b5f30d9} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{a0154e07-2b48-475c-a82a-80efd84ea33e} (Adware.MyWebSearch) -> Value: {a0154e07-2b48-475c-a82a-80efd84ea33e} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\14ffxtbr@TotalRecipeSearch_14.com (Adware.MyWebSearch) -> Value: 14ffxtbr@TotalRecipeSearch_14.com -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files\totalrecipesearch_14\bar\2.bin\14barsvc.exe (Adware.MyWebSearch) -> No action taken.
c:\program files\totalrecipesearch_14\bar\2.bin\14SrcAs.dll (Adware.MyWebSearch) -> No action taken.
c:\program files\totalrecipesearch_14\bar\2.bin\14bar.dll (Adware.MyWebSearch) -> No action taken.


Thank you very much,

Mark

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 18 July 2011 - 01:16 PM

Very well :)

Your MBAM log says "No action taken".
Re-run it, FIX all issues and post new log.

You're running two AV programs:
AVG 2011
Microsoft Security Essentials

One of them has to go.
If AVG, make sure to use AVG Remover to uninstall it: http://www.avg.com/us-en/utilities

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 18 July 2011 - 08:27 PM

Hello Bruni,

I have the two logs posted below (MBAM & GMER).

I did clean the malware using MalwareBytes this afternoon, however, I believe the log was generated before the clean. Either way, I re-ran MalwareBytes this evening and the log is posted below.

Had to run gmer twice. The first time I disabled AVG, shutdown all programs, disconnected from the internet, and left the scan running while I went to work for the afternoon. When I returned this evening, there was an error box:

Windows Delayed write failed
"Windows was unable to save all the data for the file \device\harddiskvolume1\system volume information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}. The data has been lost. This error may be caused by a failure of your computer hardware or network connnection. Please try to save this file elsewhere."

I pressed OK and received a total of 9 similar boxes one at a time, the file names were different:

2nd: \device\harddiskvolume1\windows\i386
3rd: \device\harddiskvolume1\windows\system32\config\sysevent.evt
4th: \device\harddiskvolume1\system volume information\_restore ......... different alpha numeric string
5th: \device\harddiskvolume1\system volume information\_restore ......... different alpha numeric string
6th: \device\harddiskvolume1\system volume information\_restore ......... different alpha numeric string
7th: \device\harddiskvolume1\system volume information\_restore ......... different alpha numeric string
8th: \device\harddiskvolume1\$Mtf
9th: \device\harddiskvolume1\windows\system32\config\sysevent.evt

after the ninth box, the computer was locked up. Tried everything, and eventually had to turn the computer off.

Hunted down a lot of temp files, this is another story for later.

went to control pannel - add/remove programs, and could not find Microsoft Security Essentials listed. The computer shop supposedly removed it when they installed AVG. There was a Microsoft Security Client folder in the Program Files folder, but I could not find an uninstall file. Suggestions???

Ran GMER again to a successful completion. We did get the WARNING after the quick part of the scan, clicked NO then pressed Scan.
While GMER was running, I noticed that some folders inside C:\WINDOWS\system32 had both temporary internet files and cookies, this looked strange to me.

After GMER ran, the second from last entry in the window was in red. This message was displayed:
"Warning GMER has found system modifications caused by rootkit activity"
Log is below.

This is an HP-Compaq computer with the partitioned hard drive. Tried to rum GMER again on drive D only but it started over on drive C so I aborted that scan.

Thank you very much for your time and expertise,

Mark


GMER Scan:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-07-18 19:45:31
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort2 WDC_WD2000JS-60NCB1 rev.10.02E02
Running: 2rfhdhjm.exe; Driver: C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\kgxdafob.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xF7A01738]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xF7A017DC]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xF7A01878]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xF7A01914]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5A67360, 0x20574D, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\Explorer.EXE[1604] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00BD000A
.text C:\WINDOWS\Explorer.EXE[1604] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BE000A
.text C:\WINDOWS\Explorer.EXE[1604] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:\WINDOWS\system32\wuauclt.exe[2016] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00E2000A
.text C:\WINDOWS\system32\wuauclt.exe[2016] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00E3000A
.text C:\WINDOWS\system32\wuauclt.exe[2016] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00E1000C
.text C:\WINDOWS\system32\svchost.exe[2344] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00F1000A
.text C:\WINDOWS\system32\svchost.exe[2344] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00F2000A
.text C:\WINDOWS\system32\svchost.exe[2344] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00F0000C
.text C:\WINDOWS\system32\svchost.exe[2344] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00FF000A
.text C:\program files\real\realplayer\update\realsched.exe[3336] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)
AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort2 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort3 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort4 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort5 8656339B
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-16 8656339B

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

Device \Device\Ide\IdeDeviceP2T0L0-5 -> \??\IDE#DiskWDC_WD2000JS-60NCB1_____________________10.02E02#5&8b35f09&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\CurrentControlSet\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\CurrentControlSet\Services\MRxDAV\EncryptedDirectories@
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 2
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 4
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceType 7
Reg HKLM\SYSTEM\ControlSet003\control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties@DeviceCharacteristics 256

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- EOF - GMER 1.0.15 ----


MalwareBytes Log:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7176

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/18/2011 7:29:52 PM
mbam-log-2011-07-18 (19-29-52).txt

Scan type: Quick scan
Objects scanned: 169750
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 18 July 2011 - 08:42 PM

Good job :)

Indeed, you have a rootkit.

Download TDSSKiller and save it to your desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 19 July 2011 - 05:32 PM

Hello Broni,

The TDSS Killer did not take long to run, one infected object was cured. Here is the log:

2011/07/19 17:24:34.0421 3944 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/19 17:24:34.0812 3944 ================================================================================
2011/07/19 17:24:34.0812 3944 SystemInfo:
2011/07/19 17:24:34.0812 3944
2011/07/19 17:24:34.0812 3944 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/19 17:24:34.0812 3944 Product type: Workstation
2011/07/19 17:24:34.0812 3944 ComputerName: YOUR-4DACD0EA75
2011/07/19 17:24:34.0812 3944 UserName: Compaq_Administrator
2011/07/19 17:24:34.0812 3944 Windows directory: C:\WINDOWS
2011/07/19 17:24:34.0812 3944 System windows directory: C:\WINDOWS
2011/07/19 17:24:34.0812 3944 Processor architecture: Intel x86
2011/07/19 17:24:34.0812 3944 Number of processors: 1
2011/07/19 17:24:34.0812 3944 Page size: 0x1000
2011/07/19 17:24:34.0812 3944 Boot type: Normal boot
2011/07/19 17:24:34.0812 3944 ================================================================================
2011/07/19 17:24:36.0890 3944 Initialize success
2011/07/19 17:24:43.0703 4916 ================================================================================
2011/07/19 17:24:43.0703 4916 Scan started
2011/07/19 17:24:43.0703 4916 Mode: Manual;
2011/07/19 17:24:43.0703 4916 ================================================================================
2011/07/19 17:24:45.0062 4916 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/19 17:24:45.0140 4916 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/07/19 17:24:45.0296 4916 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/07/19 17:24:45.0390 4916 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/07/19 17:24:45.0625 4916 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/07/19 17:24:45.0703 4916 aracpi (00523019e3579c8f8a94457fe25f0f24) C:\WINDOWS\system32\DRIVERS\aracpi.sys
2011/07/19 17:24:45.0796 4916 arhidfltr (9fedaa46eb1a572ac4d9ee6b5f123cf2) C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
2011/07/19 17:24:45.0890 4916 arkbcfltr (82969576093cd983dd559f5a86f382b4) C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
2011/07/19 17:24:45.0937 4916 armoucfltr (9b21791d8a78faece999fadbebda6c22) C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
2011/07/19 17:24:46.0062 4916 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/07/19 17:24:46.0093 4916 ARPolicy (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
2011/07/19 17:24:46.0421 4916 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/19 17:24:46.0531 4916 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/19 17:24:46.0593 4916 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/19 17:24:46.0671 4916 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/19 17:24:46.0843 4916 AVGIDSDriver (c403e7f715bb0a851a9dfae16ec4ae42) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
2011/07/19 17:24:46.0906 4916 AVGIDSEH (1af676db3f3d4cc709cfab2571cf5fc3) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
2011/07/19 17:24:46.0968 4916 AVGIDSFilter (4c51e233c87f9ec7598551de554bc99d) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
2011/07/19 17:24:47.0062 4916 AVGIDSShim (c3fc426e54f55c1cc3219e415b88e10c) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
2011/07/19 17:24:47.0156 4916 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
2011/07/19 17:24:47.0203 4916 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
2011/07/19 17:24:47.0250 4916 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
2011/07/19 17:24:47.0296 4916 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
2011/07/19 17:24:47.0359 4916 bb-run (7270d070173b20ac9487ea16bb08b45f) C:\WINDOWS\system32\DRIVERS\bb-run.sys
2011/07/19 17:24:47.0421 4916 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/19 17:24:47.0500 4916 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/19 17:24:47.0625 4916 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/19 17:24:47.0687 4916 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/19 17:24:47.0859 4916 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/19 17:24:48.0187 4916 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/19 17:24:48.0281 4916 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/19 17:24:48.0375 4916 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/19 17:24:48.0500 4916 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/19 17:24:48.0593 4916 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/19 17:24:48.0718 4916 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/19 17:24:48.0843 4916 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/19 17:24:48.0906 4916 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/07/19 17:24:48.0984 4916 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/19 17:24:49.0031 4916 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/07/19 17:24:49.0109 4916 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/07/19 17:24:49.0296 4916 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/19 17:24:49.0343 4916 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/19 17:24:49.0406 4916 ftsata2 (22399d3ce5840c6082844679cca5d2fc) C:\WINDOWS\system32\DRIVERS\ftsata2.sys
2011/07/19 17:24:49.0484 4916 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/19 17:24:49.0546 4916 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/07/19 17:24:49.0593 4916 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/19 17:24:49.0687 4916 HSXHWBS2 (1f5c64b0c6b2e2f48735a77ae714ccb8) C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
2011/07/19 17:24:49.0781 4916 HSX_DP (a7f8c9228898a1e871d2ae7082f50ac3) C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
2011/07/19 17:24:49.0906 4916 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/19 17:24:50.0062 4916 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/19 17:24:50.0265 4916 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/19 17:24:50.0562 4916 IntcAzAudAddService (ab2fe0faa519880bd16e4a0792d633d2) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/07/19 17:24:50.0796 4916 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/07/19 17:24:50.0843 4916 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/07/19 17:24:50.0890 4916 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/07/19 17:24:50.0968 4916 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/19 17:24:51.0046 4916 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/19 17:24:51.0125 4916 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/19 17:24:51.0218 4916 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/19 17:24:51.0359 4916 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/19 17:24:51.0500 4916 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/19 17:24:51.0578 4916 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/19 17:24:51.0656 4916 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/07/19 17:24:51.0734 4916 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/19 17:24:51.0828 4916 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/19 17:24:51.0984 4916 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/07/19 17:24:52.0093 4916 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2011/07/19 17:24:52.0171 4916 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/19 17:24:52.0312 4916 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/19 17:24:52.0359 4916 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/19 17:24:52.0437 4916 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/19 17:24:52.0515 4916 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/19 17:24:52.0609 4916 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/07/19 17:24:53.0046 4916 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/19 17:24:53.0140 4916 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/19 17:24:53.0234 4916 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/19 17:24:53.0328 4916 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/19 17:24:53.0421 4916 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/19 17:24:53.0500 4916 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/19 17:24:53.0609 4916 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/19 17:24:53.0671 4916 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/19 17:24:53.0781 4916 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/19 17:24:53.0921 4916 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/19 17:24:53.0968 4916 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/19 17:24:54.0156 4916 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/19 17:24:54.0234 4916 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/19 17:24:54.0328 4916 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/19 17:24:54.0406 4916 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/19 17:24:54.0531 4916 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/07/19 17:24:54.0625 4916 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/19 17:24:54.0718 4916 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/19 17:24:54.0843 4916 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/19 17:24:55.0015 4916 nv (642a87877f83313eb5302749cd479024) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/07/19 17:24:55.0281 4916 NVENETFD (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2011/07/19 17:24:55.0328 4916 nvnetbus (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2011/07/19 17:24:55.0437 4916 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/19 17:24:55.0515 4916 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/19 17:24:55.0562 4916 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/07/19 17:24:55.0640 4916 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/07/19 17:24:55.0687 4916 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/19 17:24:55.0765 4916 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/19 17:24:55.0796 4916 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/19 17:24:55.0890 4916 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/19 17:24:55.0953 4916 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/19 17:24:56.0375 4916 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/19 17:24:56.0437 4916 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/07/19 17:24:56.0468 4916 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/19 17:24:56.0562 4916 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/19 17:24:56.0656 4916 PxHelp20 (97b735de4e3cd44c71c8cb09bdbf07b7) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/19 17:24:56.0875 4916 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/19 17:24:56.0937 4916 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/19 17:24:57.0000 4916 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/19 17:24:57.0062 4916 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/19 17:24:57.0125 4916 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/19 17:24:57.0250 4916 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/19 17:24:57.0328 4916 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/19 17:24:57.0515 4916 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/19 17:24:57.0625 4916 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/19 17:24:57.0796 4916 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/07/19 17:24:58.0015 4916 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/07/19 17:24:58.0078 4916 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/07/19 17:24:58.0171 4916 Secdrv (ba0d892d2f786bcebdf03b0a252b47f3) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/19 17:24:58.0312 4916 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/07/19 17:24:58.0390 4916 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/19 17:24:58.0546 4916 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/19 17:24:58.0656 4916 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/19 17:24:58.0781 4916 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/19 17:24:58.0937 4916 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/19 17:24:59.0015 4916 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/19 17:24:59.0265 4916 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/19 17:24:59.0390 4916 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/19 17:24:59.0531 4916 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/19 17:24:59.0609 4916 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/19 17:24:59.0671 4916 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/19 17:24:59.0828 4916 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/19 17:24:59.0953 4916 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/19 17:25:00.0078 4916 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/19 17:25:00.0328 4916 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/19 17:25:00.0375 4916 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/19 17:25:00.0453 4916 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/07/19 17:25:00.0531 4916 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/07/19 17:25:00.0578 4916 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/19 17:25:00.0656 4916 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/19 17:25:00.0703 4916 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/07/19 17:25:00.0765 4916 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/19 17:25:00.0953 4916 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/07/19 17:25:01.0109 4916 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/19 17:25:01.0171 4916 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/19 17:25:01.0421 4916 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/19 17:25:01.0531 4916 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
2011/07/19 17:25:01.0703 4916 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/07/19 17:25:01.0812 4916 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/19 17:25:01.0984 4916 MBR (0x1B8) (f5adcbab5372b7fd0d966cba3572bcbe) \Device\Harddisk0\DR0
2011/07/19 17:25:02.0000 4916 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/19 17:25:02.0015 4916 Boot (0x1200) (3ea8937d2168e8187c59c48005146c2d) \Device\Harddisk0\DR0\Partition0
2011/07/19 17:25:02.0062 4916 Boot (0x1200) (e8650c7a15ec5b531a7d864eb0719521) \Device\Harddisk0\DR0\Partition1
2011/07/19 17:25:02.0109 4916 ================================================================================
2011/07/19 17:25:02.0109 4916 Scan finished
2011/07/19 17:25:02.0109 4916 ================================================================================
2011/07/19 17:25:02.0140 5316 Detected object count: 1
2011/07/19 17:25:02.0140 5316 Actual detected object count: 1
2011/07/19 17:25:21.0875 5316 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/07/19 17:25:21.0875 5316 \Device\Harddisk0\DR0 - ok
2011/07/19 17:25:21.0875 5316 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/07/19 17:25:36.0640 5812 Deinitialize success


Thanks,

Mark

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 19 July 2011 - 07:26 PM

Very good :)

Let's double check.

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#9 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 20 July 2011 - 11:08 AM

Broni,

Thanks so much for your help and wisdom. The next time I will be at the (hopefully previously) infected computer will be tomorrow night (Thursday). I'll run the scan then and get right back with you.

Windows update did work last night, so the cleaning did do some good!!!!

I looked into uninstalling Microsoft Security Essentials. I even tried installing it again in order to have it show up on the Install/Uninstall programs list. MSE would not install, even with AVG disabled. There is still a Microsoft Security Client folder installed on that computer.

I installed Mosilla Firefox last night and plugged in the script blocker on the previously infected computer. I have been using Firefox on my computer for the past month and it has greatly reduced the Adware.

When we are all through with disinfecting, do you think that AVG will give descent protection against future rootkit attacks? I believe that this rootkit arrived before AVG was installed.

Kindest Regards,

Mark

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 20 July 2011 - 06:32 PM

There is still a Microsoft Security Client folder installed on that computer.

Since you uninstalled MSE, you can simply delete that folder.

I'm not a big fan of AVG, but remember, there is no perfect security program.
Your computer security depends mostly on your computing habits.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 21 July 2011 - 06:35 PM

Hello Broni,

Just ran Rootkit Unhooker:

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xF39E1000 C:\WINDOWS\system32\drivers\RtkHDAud.sys 5206016 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 3956736 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 82.08 )
0xF6879000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 3538944 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08 )
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2069376 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2069376 bytes
0x804D7000 RAW 2069376 bytes
0x804D7000 WMIxWDM 2069376 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF66E2000 C:\WINDOWS\system32\DRIVERS\HSX_DP.sys 1011712 bytes (Conexant Systems, Inc., HSF_DP driver)
0xF662C000 C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys 745472 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF738F000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF3746000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF64CC000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF38BA000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB96E7000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xF65B9000 C:\WINDOWS\system32\DRIVERS\NVNRM.SYS 307200 bytes (NVIDIA Corporation, NVIDIA Network Resource Manager.)
0xBF3D8000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xF3873000 C:\WINDOWS\system32\DRIVERS\avgtdix.sys 290816 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xF67D9000 C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys 282624 bytes (Conexant Systems, Inc., HSF_HWB2 WDM driver)
0xF7490000 ftsata2.sys 274432 bytes (Promise Technology, Inc., Promise Driver for Windows Server 2003)
0xB978F000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF366A000 C:\WINDOWS\system32\DRIVERS\avgldx86.sys 245760 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xF6582000 C:\WINDOWS\system32\DRIVERS\NVSNPU.SYS 225280 bytes (NVIDIA Corporation, NVIDIA Networking Soft-NPU Driver.)
0xF652A000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7541000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB9910000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7362000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xB3CEF000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xF37B6000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF6604000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows ® Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xF3825000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF396E000 C:\WINDOWS\system32\DRIVERS\MpFilter.sys 159744 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0xF74EB000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xF384D000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF361E000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF39BD000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF6841000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF681E000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF3803000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xF37E1000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0x806D1000 ACPI_HAL 131840 bytes
0x806D1000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xB9267000 C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 131072 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
0xF7458000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF7511000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF7348000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF74D3000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF35B6000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF7478000 C:\WINDOWS\system32\DRIVERS\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xF742F000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF656B000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB9A2B000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6865000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF3913000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF741C000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF7446000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7530000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF655A000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xB9677000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7870000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7680000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF6C65000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7880000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF7740000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF6CC5000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF7690000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF7850000 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 57344 bytes (Advanced Micro Devices, AMD Processor Driver)
0xF76D0000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7890000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF78A0000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF76B0000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF6C45000 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF76F0000 PxHelp20.sys 49152 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF78C0000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF77D0000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7860000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF76A0000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF78B0000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF7670000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7720000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF78E0000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF76E0000 bb-run.sys 36864 bytes (Promise Technology, Inc., Promise Disk Accelerator)
0xB43FF000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xF76C0000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF77E0000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF78D0000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF77A0000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xF6CB5000 C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 36864 bytes (NVIDIA Corporation, NVIDIA Networking Function Driver.)
0xF7790000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF79F0000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF7A28000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF79B0000 C:\WINDOWS\system32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xF79E8000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7900000 avgrkx86.sys 28672 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
0xF79C0000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF78F0000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7A38000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF79D8000 C:\WINDOWS\system32\DRIVERS\aracpi.sys 24576 bytes (Microsoft Corporation, Microsoft AR ACPI Driver (Beta 2 Release 2))
0xF79F8000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7A18000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7A30000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xF79C8000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7A40000 C:\WINDOWS\system32\DRIVERS\arhidfltr.sys 20480 bytes (Microsoft Corporation, Microsoft AR HID Filter Driver (Beta 2 Release 2))
0xF79A0000 C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
0xF7948000 C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
0xF79D0000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF78F8000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7A08000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7A10000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF7A00000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF79E0000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xF7A50000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7A84000 AVGIDSEH.Sys 16384 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
0xB98D8000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface DRIVER)
0xF6BDD000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xBA4DC000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7300000 C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 16384 bytes (NVIDIA Corporation, NVIDIA Networking Bus Driver.)
0xF6BFD000 C:\WINDOWS\system32\DRIVERS\arpolicy.sys 12288 bytes (Microsoft Corporation, Microsoft AR Policy Driver (Beta 2 Release 2))
0xF7A80000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF3652000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF64A4000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF7B10000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF6BF9000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF64C4000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7BC4000 C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys 8192 bytes (Microsoft Corporation, Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2))
0xF7BE2000 C:\WINDOWS\system32\DRIVERS\armoucfltr.sys 8192 bytes (Microsoft Corporation, Microsoft AR PS/2 Mouse Filter Driver (Beta 2 Release 2))
0xF7BDC000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7B78000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7BEC000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7BDA000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7B76000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7B70000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7BDE000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7BE0000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7BC6000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7BCA000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7B74000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7B72000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D2D000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7D62000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C38000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================


Thanks again for everything,

Mark

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 21 July 2011 - 08:38 PM

Looks good :)

How is computer doing?

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 28 July 2011 - 04:25 PM

Broni,

The Temp File Cleaner ran fine. It seems to find a lot more files to clean up than CCleaner.

Here is the log file from the ESET online scan:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=3cc2b8c5beeb504fa045b190a1f24f67
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-27 01:15:51
# local_time=2011-07-26 08:15:51 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1032 16777189 100 95 0 54777540 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=191694
# found=466
# cleaned=0
# scan_time=7958
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\cmgsOgh.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\ef0LfVJ4qK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\EFqr7E.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\g2eyJl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\iPGs6FygIL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\jC4sent6S.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\jrG0KMqK2.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\K3ALoAevM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\KHiyGK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\L2KglV8ghx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\LSMHrGZthG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\lx2cYS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\MnzLajA05C.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\mwu2LWw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\oRLTm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\QfHs73GYg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\rxCerwtCL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\TD20d6376.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\tn090nNde.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\vRHYU.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Compaq_Administrator\Application Data\w9CLr.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\aLGAQE9n.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\aSDtR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\AVzArcyBUO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\azcVt86dN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\BHgNSQvr.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\bKbeYNx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\cIKjHK4E.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\D0MnM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\dDylnJhQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Dn9mpxkSHX.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ELud3a.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\eTwBBSF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\eWaJtY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\eXJvdN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\eZYj2n3.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\F0cUFe.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\F8Wwb.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\f906Ilycgw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\FQ3ej.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\fX5ssUuEL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\G4wwnyR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\GDmXE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\GTcjd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\h22FXQ3X3R.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\H4kYYQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\HmnWVM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\I3MyFB.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\IKiUntg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Ip2p2iypdq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\iph38z6ce.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Iqtv02xhW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\JsngbFG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\k8g0aOV1sJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\kUBhXi.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\M3TsqJDbYh.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\mHfVv8PS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\N2pXs.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\O7bGS1FVq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\O7xVjRQWo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\oAaNnKCpt4.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ONUcsNG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\oPSsGRT.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\OsuWtFZEEK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\oXYbPnC9wG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\pdKDi5Qt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\PuR6lTv.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Q5G3D.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Qd69zxQW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\QneqZVn8.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\qqBip.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\qzfJSPkbuG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Rl8Aq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ROwvcT.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\RrGWx8Er.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\RT6hkvYzc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\rYW30I1x.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\s0FAY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\sl984.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\SvPktF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\T3Cl6Js9Rw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\t5cPaURE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\TriuqJC.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\tuH2zbOG5Q.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\tXgdIQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\U1fKmjhDo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\uB1wp.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\UHiEy7QDn.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\UrJAydF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\uu4RL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\V6xg9sX9C.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\VA84h.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\vbkQ8VQiG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ViiBrIN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\VkiR3N8f.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\VLwH7tMw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\vt0olV.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\VuFPaD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\vuyYJJHAX.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\W3A0i9zO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\w9DwHPjm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\WA8eulH.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\WtFej3Q2zd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\X9GQwHO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\Xt7oaeySl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\xZJ9BZjBZt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\y5jSl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\y62FYjWS5D.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\YINYFIBVKf.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\yrIIX.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ZG1nC3GYaQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ZlsPGrzLUt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Application Data\ZQsuqz2UaD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\a1AtelhpOz.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Aax4E7dMm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\abnEBt0g45.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\AFuwbq4.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\aFXhQXFimd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ajv3xo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\aMC6iOg9.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\APeF0v.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\aqm5T3nOX.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\aRnx8.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ayQmIzbs.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\b1ivgYze.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\b3reqX.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\BEbqY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\BGE7W3JW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\blwcQ62.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\bPRiiK5.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\BQd5p9e.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\bqSowMQIJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\bwyDr.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\BZYu6O.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\CCqTSdIa.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Ce0ozcH.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Ce0qlhc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Cf7yPIhw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Cf9v9kjm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\CG0hSpa.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Ck7DI.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\cLHhyZ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\CMLh83.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\CqB7xlstP.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\CuPEF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Cw7VS5hL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\cwWo7k.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\D8bYZ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DCi9q1EcS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DeJGz.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\dJrjwaxg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\dKnaa.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\dm08Go.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DMuFy.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Dnwz2EW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DOhUvT6ti.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DSEvZgoAGW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\dViBvjoZ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DXRgQK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\DydkkLLq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\E1ZlE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\e4GNXhB0AT.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\e8wpmZGAs.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ea613Ru.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\eAQ1Oi4EH.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\EDr7Q.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\EJvI2a.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\EO7Q7XHJ0n.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\EoeO3aHygh.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\eqNNdQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\eUEfbC.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\EVBvfT1FEt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ewXmEarj.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\F0ydpvzIxO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\F2vGavt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\f43X9C05G.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\f7yhu.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\fb3hOctoC5.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FBKTXhRUhW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FDRNNTv.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\fdVz7z.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FERdy.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ffvl2.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FTgXBFr.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FVvK7Pk.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FXQfnLoc6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Fys2IIGtN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\FZ8CH2jWTU.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\G32WJtrn5h.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gDErqko.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gHtHk.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GI8sRJEJh6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gJEmOhYxiF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GJRJOK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\glyRBLv.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GnMlK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GQNtrkUf3.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GsmFels0.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gStgv1.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gTjxvty.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\GTNNgA.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\gy7teEn.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\H4NKIUK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\h8vY65.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\HAeIlIboo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hakaok.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hcIHsODO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\HcrBCc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hfT0PUt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hGGHBAA.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hiGgwI.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hIr56LJJEx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\HJrypUOMD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hKicYoAzP.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\HMD69dHo5.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ho6d7mg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\HttznFXp.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hW3xe07Z3x.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\hxPsjQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\i91AViEfQg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\IaVfctp16k.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\iBNiF9.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ieEDkK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\iH2tozYd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ihgE0DDGi.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ilTNqfnjRP.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\IMPkKrxX6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\J6bFu6uf.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\JCIqKW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\jgARt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\jIsAWF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Jit0pVIIoS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\jnePx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\JSRlDw4kR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\JVTIzdz5O.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\jY86k8D.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\JydEA8.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\jZyLa52fCG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\k0Syj.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\K1I00qR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\K8GpE09.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\k9Ygdea.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\KkBhD6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\kKsuibH.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\KNaEuFS9Jy.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\KsEhKFg1Zw.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ku9bFqbOyB.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\kX3bws8n0z.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\KzSHHWy4.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\l0iANpPO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\l9fO1H.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LB0wQ6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LbTJv7l.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LcTQ1C7.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\lg138kHy7R.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\lGEZhu.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Lgued.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Lkjq9a.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LMh8xOZSQt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\lMiYpQcZ5k.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LrbFDb5D.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\LrVaG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\lXcazfoGG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\M0jPcPtc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\m0Kds7YFix.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\m0kMl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\MEYtDZp.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\MHhtZlKkVj.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\mhuoF4L.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\MQNYg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\MsvKUL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\mVX0Zqhbc3.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\mxi684W.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\mXpnZLBYBD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\myOsDkp.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NaaNVwmEG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NKjlfZE5I.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NL1v07.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\nn0EuKmOq1.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\no0UTm3yv.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NQ1BWN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Nq1hHVrOOx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NSTMN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ntBd1s.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ny8Sjz.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\NZUfa0NOj7.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\o1VedgcN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\OaPMu.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oBRrgIseS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ocFua6mBg1.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oFI4efU.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oGDQd0Y20.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oJ4oQ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ojmM1FY6v.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\OjmY9Uinho.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\OM1km.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ONkQ3MN1BW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\OnP2gxypB.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\OOr7JaA.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oUcxL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oVzsy5fi.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\oxMqtR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pe2AogZwbJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pET3i.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Pf8Znt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pGouZW.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pHjVVg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pjEcqVKt.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\PP92JcK.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\PPNsMm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\proaYR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pvfmEB3g4.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pwtQ94emV.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pYnEMJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\pzDfdsx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\PzO6LqR0.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Q8beo5Ioq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QCeuz.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\qDEJB.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QHc557wzE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QhgmevHeM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QiQxgC63pq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QK3rYRIExi.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Qkw88ra7.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QKySO9GUY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\qOcY96o.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\qqn1bu.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QRAZtQ8c3C.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\qT9dnDpc02.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QwAWfg5oGq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QXrRKClx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QY5y5.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\QzFtF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\R0xUc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\R2Fjy6upip.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\r51Icq6X.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RavuLbHkeg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rccwjCONd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rdPpdT74tM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RJmVldw6c.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rKaGy8.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RKJoP.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rNz2q.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rpcqH1s.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RpwLdhkFo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rRFSHa.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ruhWXXqF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ruRIb.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RVEgWR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\rXL7fSzCOF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\RYDGhbMN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Rzcl5Xr7T1.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\s3HnukG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\s53KlMdnI.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\sasnNFAAk.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\SCfRsV1KJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\SFpXZIBY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Sh0DeQx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Si7aYQXx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Sj7gL4Jh.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\sJS2xbQJQd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\sOCoxox1u.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\spn0aYe.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\SRR5r.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\SWTOLtxeZy.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Tc0LQvdM8c.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tDlcROGdvE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tEs8ML.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tf7KUpdd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TFI1M28b.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tI1th6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TjwuA.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TKVlqeRV.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TKZtG5oym.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TMPTwUXL.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TMZC6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tpUROV.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tQNUE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TSZfCkuY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\tUO7gU5.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TUWK9t.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\TZzQKdF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\u0GgZu9.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\U2ojjrBO.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\U2qKdkyB.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\U3YndAd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\uBBuutx.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UbThusY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\uc3Xg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UHbn1.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UjQY9GaT1M.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ukK04O.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UmfWrog.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\uRV7O.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UsAHr.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\USMrAPi.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\uSOabavJ.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UViy2Fo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\UYOB1ZC.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VaFsrXm.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VAw5zc.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vEk2h.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VEskKT.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vfnBvfK0.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VfyM9qsz.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vg7iQDXN3w.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VH23BLM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vlcrFbdQJo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vo3UBF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VQXcnwS8.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\vrBLkT69.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Vz4jZwXwcn.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\VzgJO3.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\w1TdTEe6e.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\w1yAl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\W3YeeeTfN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\W4MWS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\wewin.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\WF0rgwcP.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\wjFgoD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\wkDVR.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\WtJacDHJ2.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\WXiAunvEJS.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\WYcDEqG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\WZljos.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\X2gjtxIOl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\XfrwG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\xgqigGo08.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\XhisWVQWY.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\XOYIwZBvrD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\XrnW16.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\XYfDI.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\xyxTwOd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Y262B2J.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Y2yV47BJ9.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\YaBnD2IE.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\yB0FM.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\yGjtyG.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ygzf6.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\yhDIl.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\yrEGDb2.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Yuvx9kk.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\YZ8YkH.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zApCwObRoF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\Ze43L7DlsI.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zeaOHZF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ZGXoQxyN.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zjRcBW5Xf.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ZLpHkd.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ZMupPq.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zobkeh3wo.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ZraWWL5nnF.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\ZVy4xgR9O.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zwTbU.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\NetworkService\Application Data\zzCxFdD.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\VideoScavenger_1e\bar\1.bin\1edatact.dll a variant of Win32/Toolbar.MyWebSearch.A application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\VideoScavenger_1e\bar\1.bin\1ehtml.dll probably a variant of Win32/Toolbar.MyWebSearch.F application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\VideoScavenger_1e\bar\1.bin\1ehtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\VideoScavenger_1e\bar\1.bin\1ePlugin.dll a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\VideoScavenger_1e\bar\1.bin\1eskin.dll a variant of Win32/Toolbar.MyWebSearch.P application (unable to clean) 00000000000000000000000000000000 I
C:\WINDOWS\system32\345.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\WINDOWS\system32\asdfreg.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
C:\WINDOWS\system32\saad.js JS/TrojanDownloader.Agent.NWG trojan (unable to clean) 00000000000000000000000000000000 I
D:\I386\APPS\APP14614\src\CompaqPresario_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I
D:\I386\APPS\APP14614\src\HPPavillion_Spring06.exe a variant of Win32/Toolbar.MyWebSearch application (unable to clean) 00000000000000000000000000000000 I


Thanks again for all your help,

Mark

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,699 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:31 PM

Posted 28 July 2011 - 05:27 PM

I'm not sure why Eset says "unable to clean".
Did you leave all settings alone?

Please click HERE to download Kaspersky Virus Removal Tool.

  • Double click on the file you just downloaded and let it install.
  • It will install to your desktop.
  • After that leave what is selected and put a check next to My Computer.
  • Click on the option that says Threat Detection and change it to Disinfect,delete if disinfection fails.
  • Then click on Start Scan.
  • Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
  • When the scan is done no log will be produced.
  • Click on the bottom where it says Report to open the report.
  • Then highlight of of the items found by using ctrl + a on your keyboard to select all or use your mouse to select all then right click and choose copy.
  • This will copy the items that it found to the clipboard you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad.
  • You can save this on the desktop.
  • Post the contents of the document in your next reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 mmason

mmason
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:31 PM

Posted 30 July 2011 - 07:58 PM

Hello again Broni,

I believe that I unchecked a box the first time I ran ESET. I ran it again and the malware went to quarantine this time. Also ran the Kapersky, which took 4 hr 45 minutes. I believe the interface is a little different now, as buttons and pulldowns were needed to get to the settings. There is a save button also now, and I used it to save the text file. Both files are here below:

ESET:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=3cc2b8c5beeb504fa045b190a1f24f67
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-28 11:08:04
# local_time=2011-07-28 06:08:04 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1032 16777189 100 95 0 54945393 0 0
# compatibility_mode=8192 67108863 100 0 81657 81657 0 0
# scanned=128596
# found=456
# cleaned=456
# scan_time=5234
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\cmgsOgh.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\ef0LfVJ4qK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\EFqr7E.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\g2eyJl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\iPGs6FygIL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\jC4sent6S.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\jrG0KMqK2.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\K3ALoAevM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\KHiyGK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\L2KglV8ghx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\LSMHrGZthG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\lx2cYS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\MnzLajA05C.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\mwu2LWw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\oRLTm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\QfHs73GYg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\rxCerwtCL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\TD20d6376.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\tn090nNde.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\vRHYU.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Compaq_Administrator\Application Data\w9CLr.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\aLGAQE9n.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\aSDtR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\AVzArcyBUO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\azcVt86dN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\BHgNSQvr.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\bKbeYNx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\cIKjHK4E.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\D0MnM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\dDylnJhQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Dn9mpxkSHX.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ELud3a.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\eTwBBSF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\eWaJtY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\eXJvdN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\eZYj2n3.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\F0cUFe.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\F8Wwb.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\f906Ilycgw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\FQ3ej.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\fX5ssUuEL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\G4wwnyR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\GDmXE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\GTcjd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\h22FXQ3X3R.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\H4kYYQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\HmnWVM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\I3MyFB.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\IKiUntg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Ip2p2iypdq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\iph38z6ce.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Iqtv02xhW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\JsngbFG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\k8g0aOV1sJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\kUBhXi.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\M3TsqJDbYh.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\mHfVv8PS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\N2pXs.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\O7bGS1FVq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\O7xVjRQWo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\oAaNnKCpt4.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ONUcsNG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\oPSsGRT.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\OsuWtFZEEK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\oXYbPnC9wG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\pdKDi5Qt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\PuR6lTv.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Q5G3D.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Qd69zxQW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\QneqZVn8.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\qqBip.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\qzfJSPkbuG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Rl8Aq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ROwvcT.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\RrGWx8Er.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\RT6hkvYzc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\rYW30I1x.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\s0FAY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\sl984.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\SvPktF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\T3Cl6Js9Rw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\t5cPaURE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\TriuqJC.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\tuH2zbOG5Q.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\tXgdIQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\U1fKmjhDo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\uB1wp.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\UHiEy7QDn.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\UrJAydF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\uu4RL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\V6xg9sX9C.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\VA84h.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\vbkQ8VQiG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ViiBrIN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\VkiR3N8f.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\VLwH7tMw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\vt0olV.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\VuFPaD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\vuyYJJHAX.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\W3A0i9zO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\w9DwHPjm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\WA8eulH.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\WtFej3Q2zd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\X9GQwHO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\Xt7oaeySl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\xZJ9BZjBZt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\y5jSl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\y62FYjWS5D.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\YINYFIBVKf.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\yrIIX.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ZG1nC3GYaQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ZlsPGrzLUt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\LocalService\Application Data\ZQsuqz2UaD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\a1AtelhpOz.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Aax4E7dMm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\abnEBt0g45.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\AFuwbq4.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\aFXhQXFimd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ajv3xo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\aMC6iOg9.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\APeF0v.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\aqm5T3nOX.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\aRnx8.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ayQmIzbs.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\b1ivgYze.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\b3reqX.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\BEbqY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\BGE7W3JW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\blwcQ62.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\bPRiiK5.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\BQd5p9e.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\bqSowMQIJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\bwyDr.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\BZYu6O.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\CCqTSdIa.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Ce0ozcH.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Ce0qlhc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Cf7yPIhw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Cf9v9kjm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\CG0hSpa.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Ck7DI.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\cLHhyZ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\CMLh83.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\CqB7xlstP.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\CuPEF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Cw7VS5hL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\cwWo7k.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\D8bYZ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DCi9q1EcS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DeJGz.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\dJrjwaxg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\dKnaa.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\dm08Go.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DMuFy.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Dnwz2EW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DOhUvT6ti.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DSEvZgoAGW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\dViBvjoZ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DXRgQK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\DydkkLLq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\E1ZlE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\e4GNXhB0AT.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\e8wpmZGAs.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ea613Ru.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\eAQ1Oi4EH.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\EDr7Q.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\EJvI2a.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\EO7Q7XHJ0n.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\EoeO3aHygh.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\eqNNdQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\eUEfbC.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\EVBvfT1FEt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ewXmEarj.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\F0ydpvzIxO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\F2vGavt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\f43X9C05G.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\f7yhu.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\fb3hOctoC5.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FBKTXhRUhW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FDRNNTv.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\fdVz7z.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FERdy.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ffvl2.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FTgXBFr.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FVvK7Pk.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FXQfnLoc6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Fys2IIGtN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\FZ8CH2jWTU.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\G32WJtrn5h.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gDErqko.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gHtHk.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GI8sRJEJh6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gJEmOhYxiF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GJRJOK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\glyRBLv.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GnMlK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GQNtrkUf3.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GsmFels0.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gStgv1.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gTjxvty.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\GTNNgA.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\gy7teEn.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\H4NKIUK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\h8vY65.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\HAeIlIboo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hakaok.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hcIHsODO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\HcrBCc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hfT0PUt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hGGHBAA.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hiGgwI.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hIr56LJJEx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\HJrypUOMD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hKicYoAzP.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\HMD69dHo5.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ho6d7mg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\HttznFXp.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hW3xe07Z3x.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\hxPsjQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\i91AViEfQg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\IaVfctp16k.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\iBNiF9.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ieEDkK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\iH2tozYd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ihgE0DDGi.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ilTNqfnjRP.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\IMPkKrxX6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\J6bFu6uf.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\JCIqKW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\jgARt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\jIsAWF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Jit0pVIIoS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\jnePx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\JSRlDw4kR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\JVTIzdz5O.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\jY86k8D.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\JydEA8.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\jZyLa52fCG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\k0Syj.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\K1I00qR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\K8GpE09.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\k9Ygdea.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\KkBhD6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\kKsuibH.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\KNaEuFS9Jy.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\KsEhKFg1Zw.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ku9bFqbOyB.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\kX3bws8n0z.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\KzSHHWy4.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\l0iANpPO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\l9fO1H.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LB0wQ6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LbTJv7l.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LcTQ1C7.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\lg138kHy7R.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\lGEZhu.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Lgued.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Lkjq9a.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LMh8xOZSQt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\lMiYpQcZ5k.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LrbFDb5D.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\LrVaG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\lXcazfoGG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\M0jPcPtc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\m0Kds7YFix.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\m0kMl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\MEYtDZp.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\MHhtZlKkVj.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\mhuoF4L.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\MQNYg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\MsvKUL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\mVX0Zqhbc3.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\mxi684W.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\mXpnZLBYBD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\myOsDkp.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NaaNVwmEG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NKjlfZE5I.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NL1v07.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\nn0EuKmOq1.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\no0UTm3yv.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NQ1BWN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Nq1hHVrOOx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NSTMN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ntBd1s.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ny8Sjz.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\NZUfa0NOj7.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\o1VedgcN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\OaPMu.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oBRrgIseS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ocFua6mBg1.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oFI4efU.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oGDQd0Y20.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oJ4oQ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ojmM1FY6v.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\OjmY9Uinho.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\OM1km.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ONkQ3MN1BW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\OnP2gxypB.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\OOr7JaA.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oUcxL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oVzsy5fi.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\oxMqtR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pe2AogZwbJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pET3i.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Pf8Znt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pGouZW.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pHjVVg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pjEcqVKt.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\PP92JcK.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\PPNsMm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\proaYR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pvfmEB3g4.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pwtQ94emV.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pYnEMJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\pzDfdsx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\PzO6LqR0.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Q8beo5Ioq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QCeuz.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\qDEJB.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QHc557wzE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QhgmevHeM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QiQxgC63pq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QK3rYRIExi.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Qkw88ra7.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QKySO9GUY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\qOcY96o.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\qqn1bu.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QRAZtQ8c3C.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\qT9dnDpc02.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QwAWfg5oGq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QXrRKClx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QY5y5.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\QzFtF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\R0xUc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\R2Fjy6upip.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\r51Icq6X.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RavuLbHkeg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rccwjCONd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rdPpdT74tM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RJmVldw6c.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rKaGy8.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RKJoP.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rNz2q.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rpcqH1s.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RpwLdhkFo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rRFSHa.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ruhWXXqF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ruRIb.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RVEgWR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\rXL7fSzCOF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\RYDGhbMN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Rzcl5Xr7T1.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\s3HnukG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\s53KlMdnI.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\sasnNFAAk.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\SCfRsV1KJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\SFpXZIBY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Sh0DeQx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Si7aYQXx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Sj7gL4Jh.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\sJS2xbQJQd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\sOCoxox1u.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\spn0aYe.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\SRR5r.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\SWTOLtxeZy.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Tc0LQvdM8c.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tDlcROGdvE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tEs8ML.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tf7KUpdd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TFI1M28b.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tI1th6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TjwuA.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TKVlqeRV.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TKZtG5oym.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TMPTwUXL.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TMZC6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tpUROV.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tQNUE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TSZfCkuY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\tUO7gU5.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TUWK9t.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\TZzQKdF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\u0GgZu9.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\U2ojjrBO.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\U2qKdkyB.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\U3YndAd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\uBBuutx.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UbThusY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\uc3Xg.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UHbn1.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UjQY9GaT1M.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ukK04O.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UmfWrog.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\uRV7O.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UsAHr.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\USMrAPi.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\uSOabavJ.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UViy2Fo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\UYOB1ZC.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VaFsrXm.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VAw5zc.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vEk2h.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VEskKT.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vfnBvfK0.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VfyM9qsz.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vg7iQDXN3w.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VH23BLM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vlcrFbdQJo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vo3UBF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VQXcnwS8.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\vrBLkT69.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Vz4jZwXwcn.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\VzgJO3.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\w1TdTEe6e.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\w1yAl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\W3YeeeTfN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\W4MWS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\wewin.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\WF0rgwcP.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\wjFgoD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\wkDVR.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\WtJacDHJ2.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\WXiAunvEJS.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\WYcDEqG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\WZljos.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\X2gjtxIOl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\XfrwG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\xgqigGo08.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\XhisWVQWY.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\XOYIwZBvrD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\XrnW16.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\XYfDI.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\xyxTwOd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Y262B2J.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Y2yV47BJ9.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\YaBnD2IE.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\yB0FM.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\yGjtyG.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ygzf6.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\yhDIl.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\yrEGDb2.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Yuvx9kk.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\YZ8YkH.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zApCwObRoF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\Ze43L7DlsI.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zeaOHZF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ZGXoQxyN.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zjRcBW5Xf.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ZLpHkd.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ZMupPq.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zobkeh3wo.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ZraWWL5nnF.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\ZVy4xgR9O.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zwTbU.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\NetworkService\Application Data\zzCxFdD.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


Kaspersky Scan Results:

Status: Quarantined (events: 34)
7/30/2011 3:44:16 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\i8rD506Iw.js High
7/30/2011 3:44:17 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\JeX5Og2K.js High
7/30/2011 3:44:17 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\JfAYBpljA.js High
7/30/2011 3:44:18 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\JLctojR7B.js High
7/30/2011 3:44:18 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\kte6v42.js High
7/30/2011 3:44:19 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\LrmFAiu29E.js High
7/30/2011 3:44:19 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\UyymPl4x.js High
7/30/2011 3:44:20 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\vd9JVWvb3g.js High
7/30/2011 3:44:20 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\VqO2ciJ.js High
7/30/2011 3:44:21 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\WsBzHGTE.js High
7/30/2011 3:44:21 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\WWL9ZTv.js High
7/30/2011 3:44:22 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\LocalService\Application Data\zlXefe1Iq.js High
7/30/2011 3:46:10 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\Ai7MRJq.js High
7/30/2011 3:46:11 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\A2j9da3QM4.js High
7/30/2011 3:46:11 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\at9lxX2S.js High
7/30/2011 3:46:12 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\aVLOM.js High
7/30/2011 3:46:12 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\f5MA8HOJL.js High
7/30/2011 3:46:13 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\FfbilS5.js High
7/30/2011 3:46:13 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\HI9ohs3DF.js High
7/30/2011 3:46:15 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\jPI5eG.js High
7/30/2011 3:46:15 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\Lmx6SMX5.js High
7/30/2011 3:46:17 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\mjJr4.js High
7/30/2011 3:46:17 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\MVhBOT.js High
7/30/2011 3:46:18 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\oIYi0X9.js High
7/30/2011 3:46:18 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\q6Iv0U14.js High
7/30/2011 3:46:19 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\QgFKb.js High
7/30/2011 3:46:19 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\Rboc6.js High
7/30/2011 3:46:19 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\rIVFYGo.js High
7/30/2011 3:46:20 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\rq77l.js High
7/30/2011 3:46:20 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\SDK1RXU.js High
7/30/2011 3:46:21 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\Uhwqj.js High
7/30/2011 3:46:21 PM Quarantined virus HEUR:Exploit.Script.Generic C:\Documents and Settings\NetworkService\Application Data\YM5C7MF0W.js High
7/30/2011 7:07:30 PM Quarantined virus HEUR:Exploit.Script.Generic C:\WINDOWS\system32\asdfreg.js High
7/30/2011 7:07:31 PM Quarantined virus HEUR:Exploit.Script.Generic C:\WINDOWS\system32\saad.js High
Status: Deleted (events: 32)
7/30/2011 4:32:48 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg C:\Program Files\HP Games\Wheel of Fortune\Wheel of Fortune-WT.exe High
7/30/2011 4:32:48 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg C:\Program Files\HP Games\Wheel of Fortune\Wheel of Fortune-WT.exe//data0000 High
7/30/2011 5:40:47 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\Program Files\VideoScavenger_1e\bar\1.bin\1ebar.dll Medium
7/30/2011 5:49:47 PM Deleted adware not-a-virus:AdWare.Win32.Gamevance.hiqh C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239082.dll Medium
7/30/2011 5:49:46 PM Deleted adware not-a-virus:AdWare.Win32.Gamevance.hfrs C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239081.exe Medium
7/30/2011 5:49:53 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239111.exe//data0000.res//1eSetup.exe//data0007.res Medium
7/30/2011 5:49:53 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239111.exe//data0000.res//1eSetup.exe Medium
7/30/2011 5:49:53 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239111.exe//data0000.res Medium
7/30/2011 5:49:53 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP311\A0239111.exe Medium
7/30/2011 6:22:36 PM Deleted adware not-a-virus:AdWare.Win32.Gamevance.hjep C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP326\A0306277.exe Medium
7/30/2011 6:33:34 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337665.exe High
7/30/2011 6:33:34 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337665.exe//data0000 High
7/30/2011 6:33:37 PM Deleted adware not-a-virus:AdWare.Win32.FunWeb.heur C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337666.dll Medium
7/30/2011 7:07:31 PM Deleted Trojan program Trojan-Dropper.JS.FakeUpdater.b C:\WINDOWS\system32\345.js High
7/30/2011 7:31:25 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\HPPavillion_Spring06.exe//WiseSFXDropper//WISE0015.BIN Medium
7/30/2011 7:31:29 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\CompaqPresario_Spring06.exe//WiseSFXDropper//WISE0015.BIN Medium
7/30/2011 7:31:25 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\HPPavillion_Spring06.exe//WiseSFXDropper Medium
7/30/2011 7:31:25 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\HPPavillion_Spring06.exe Medium
7/30/2011 7:31:29 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\CompaqPresario_Spring06.exe//WiseSFXDropper Medium
7/30/2011 7:31:29 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\I386\APPS\APP14614\src\CompaqPresario_Spring06.exe Medium
7/30/2011 7:32:22 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\I386\APPS\APP18953\src\install\Worldwide-Compaq\games\wheeloffortune-setup.exe//data0028 High
7/30/2011 7:32:22 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\I386\APPS\APP18953\src\install\Worldwide-Compaq\games\wheeloffortune-setup.exe//data0028//data0000 High
7/30/2011 7:32:22 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\I386\APPS\APP18953\src\install\Worldwide-Compaq\games\wheeloffortune-setup.exe High
7/30/2011 7:48:36 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337689.exe//data0028 High
7/30/2011 7:48:36 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337689.exe//data0028//data0000 High
7/30/2011 7:48:53 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337687.exe//WiseSFXDropper//WISE0015.BIN Medium
7/30/2011 7:48:50 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337688.exe//WiseSFXDropper//WISE0015.BIN Medium
7/30/2011 7:48:36 PM Deleted Trojan program Trojan-Mailfinder.Win32.Blen.abg D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337689.exe High
7/30/2011 7:48:50 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337688.exe//WiseSFXDropper Medium
7/30/2011 7:48:50 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337688.exe Medium
7/30/2011 7:48:53 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337687.exe//WiseSFXDropper Medium
7/30/2011 7:48:53 PM Deleted adware not-a-virus:AdWare.Win32.WeatherBug.a D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP342\A0337687.exe Medium

Thanks again for all your help,

Mark




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users