Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Believe It Is The Atmclk.exe


  • This topic is locked This topic is locked
10 replies to this topic

#1 Stark9

Stark9

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 29 May 2006 - 07:40 PM

Any help, TNKS



Logfile of HijackThis v1.99.1
Scan saved at 7:48:14 PM, on 5/29/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\aolavupd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\dcomcfg.exe
C:\WINDOWS\System32\atmclk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\TrojanHunter 4.0\THGuard.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\WINDOWS\System32\RunDLL32.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Todos\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
c:\program files\common files\aol\1118762116\ee\aolssc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: WinStat - {EE02B99B-1D55-48bc-B8DB-649A42CE45F6} - C:\WINDOWS\System32\WinStat12.dll (file missing)
O2 - BHO: Nothing - {f79fd28e-36ee-4989-aa61-9dd8e30a82fa} - C:\WINDOWS\System32\hp100.tmp
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Exif Initializer Ver.1.0] C:\Program Files\FUJIFILM\Exif Initializer Ver.1.0\EXIFINIT.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [twv] C:\WINDOWS\System32\twv.exe
O4 - HKLM\..\Run: [oizt] C:\WINDOWS\System32\oizt.exe
O4 - HKLM\..\Run: [bys] C:\WINDOWS\System32\bys.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [htqw] C:\WINDOWS\System32\htqw.exe
O4 - HKLM\..\Run: [rpbnjp] C:\WINDOWS\System32\rpbnjp.exe
O4 - HKLM\..\Run: [vbg] C:\WINDOWS\System32\vbg.exe
O4 - HKLM\..\Run: [uqls] C:\WINDOWS\System32\uqls.exe
O4 - HKLM\..\Run: [iayogm] C:\WINDOWS\System32\iayogm.exe
O4 - HKLM\..\Run: [yrt] C:\WINDOWS\System32\yrt.exe
O4 - HKLM\..\Run: [ypruoc] C:\WINDOWS\System32\ypruoc.exe
O4 - HKLM\..\Run: [xmybwe] C:\WINDOWS\System32\xmybwe.exe
O4 - HKLM\..\Run: [hjlyvh] C:\WINDOWS\System32\hjlyvh.exe
O4 - HKLM\..\Run: [rtpbg] C:\WINDOWS\System32\rtpbg.exe
O4 - HKLM\..\Run: [huz] C:\WINDOWS\System32\huz.exe
O4 - HKLM\..\Run: [gkf] C:\WINDOWS\System32\gkf.exe
O4 - HKLM\..\Run: [sqh] C:\WINDOWS\System32\sqh.exe
O4 - HKLM\..\Run: [clql] C:\WINDOWS\System32\clql.exe
O4 - HKLM\..\Run: [jjiqkp] C:\WINDOWS\System32\jjiqkp.exe
O4 - HKLM\..\Run: [rsjgw] C:\WINDOWS\System32\rsjgw.exe
O4 - HKLM\..\Run: [uqwer] C:\WINDOWS\System32\uqwer.exe
O4 - HKLM\..\Run: [wkb] C:\WINDOWS\System32\wkb.exe
O4 - HKLM\..\Run: [aketk] C:\WINDOWS\System32\aketk.exe
O4 - HKLM\..\Run: [cgd] C:\WINDOWS\System32\cgd.exe
O4 - HKLM\..\Run: [vmhw] C:\WINDOWS\System32\vmhw.exe
O4 - HKLM\..\Run: [iirzfe] C:\WINDOWS\System32\iirzfe.exe
O4 - HKLM\..\Run: [fqau] C:\WINDOWS\System32\fqau.exe
O4 - HKLM\..\Run: [ekwngb] C:\WINDOWS\System32\ekwngb.exe
O4 - HKLM\..\Run: [zzjfci] C:\WINDOWS\System32\zzjfci.exe
O4 - HKLM\..\Run: [unv] C:\WINDOWS\System32\unv.exe
O4 - HKLM\..\Run: [ehbgdid] C:\WINDOWS\System32\ehbgdid.exe
O4 - HKLM\..\Run: [vibniq] C:\WINDOWS\System32\vibniq.exe
O4 - HKLM\..\Run: [xzurr] C:\WINDOWS\System32\xzurr.exe
O4 - HKLM\..\Run: [uwvncm] C:\WINDOWS\System32\uwvncm.exe
O4 - HKLM\..\Run: [ekhhdvn] C:\WINDOWS\System32\ekhhdvn.exe
O4 - HKLM\..\Run: [ltvzdhq] C:\WINDOWS\System32\ltvzdhq.exe
O4 - HKLM\..\Run: [octn] C:\WINDOWS\System32\octn.exe
O4 - HKLM\..\Run: [gxkuwl] C:\WINDOWS\System32\gxkuwl.exe
O4 - HKLM\..\Run: [coc] C:\WINDOWS\System32\coc.exe
O4 - HKLM\..\Run: [miqhly] C:\WINDOWS\System32\miqhly.exe
O4 - HKLM\..\Run: [blfebgy] C:\WINDOWS\System32\blfebgy.exe
O4 - HKLM\..\Run: [apbe] C:\WINDOWS\System32\apbe.exe
O4 - HKLM\..\Run: [gbends] C:\WINDOWS\System32\gbends.exe
O4 - HKLM\..\Run: [ofur] C:\WINDOWS\System32\ofur.exe
O4 - HKLM\..\Run: [aojxb] C:\WINDOWS\System32\aojxb.exe
O4 - HKLM\..\Run: [trrwplz] C:\WINDOWS\System32\trrwplz.exe
O4 - HKLM\..\Run: [dzxa] C:\WINDOWS\System32\dzxa.exe
O4 - HKLM\..\Run: [cjaogty] C:\WINDOWS\System32\cjaogty.exe
O4 - HKLM\..\Run: [cpydmo] C:\WINDOWS\System32\cpydmo.exe
O4 - HKLM\..\Run: [ulcggow] C:\WINDOWS\System32\ulcggow.exe
O4 - HKLM\..\Run: [gxkaky] C:\WINDOWS\System32\gxkaky.exe
O4 - HKLM\..\Run: [snxh] C:\WINDOWS\System32\snxh.exe
O4 - HKLM\..\Run: [fjqlcvh] C:\WINDOWS\System32\fjqlcvh.exe
O4 - HKLM\..\Run: [rxlftm] C:\WINDOWS\System32\rxlftm.exe
O4 - HKLM\..\Run: [yul] C:\WINDOWS\System32\yul.exe
O4 - HKLM\..\Run: [bjb] C:\WINDOWS\System32\bjb.exe
O4 - HKLM\..\Run: [upx] C:\WINDOWS\System32\upx.exe
O4 - HKLM\..\Run: [qqmfdgs] C:\WINDOWS\System32\qqmfdgs.exe
O4 - HKLM\..\Run: [phmnzza] C:\WINDOWS\System32\phmnzza.exe
O4 - HKLM\..\Run: [smu] C:\WINDOWS\System32\smu.exe
O4 - HKLM\..\Run: [dqathxx] C:\WINDOWS\System32\dqathxx.exe
O4 - HKLM\..\Run: [houjy] C:\WINDOWS\System32\houjy.exe
O4 - HKLM\..\Run: [uknnaig] C:\WINDOWS\System32\uknnaig.exe
O4 - HKLM\..\Run: [vwdrag] C:\WINDOWS\System32\vwdrag.exe
O4 - HKLM\..\Run: [frmywuo] C:\WINDOWS\System32\frmywuo.exe
O4 - HKLM\..\Run: [ikjiefy] C:\WINDOWS\System32\ikjiefy.exe
O4 - HKLM\..\Run: [sfs] C:\WINDOWS\System32\sfs.exe
O4 - HKLM\..\Run: [bddwwg] C:\WINDOWS\System32\bddwwg.exe
O4 - HKLM\..\Run: [itju] C:\WINDOWS\System32\itju.exe
O4 - HKLM\..\Run: [caf] C:\WINDOWS\System32\caf.exe
O4 - HKLM\..\Run: [pksh] C:\WINDOWS\System32\pksh.exe
O4 - HKLM\..\Run: [prjpmue] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [urxzve] C:\WINDOWS\System32\urxzve.exe
O4 - HKLM\..\Run: [xmczmj] C:\WINDOWS\System32\xmczmj.exe
O4 - HKLM\..\Run: [tapeaz] C:\WINDOWS\System32\tapeaz.exe
O4 - HKLM\..\Run: [umeh] C:\WINDOWS\System32\umeh.exe
O4 - HKLM\..\Run: [lpsj] C:\WINDOWS\System32\lpsj.exe
O4 - HKLM\..\Run: [uay] C:\WINDOWS\System32\uay.exe
O4 - HKLM\..\Run: [zcci] C:\WINDOWS\System32\zcci.exe
O4 - HKLM\..\Run: [kej] C:\WINDOWS\System32\kej.exe
O4 - HKLM\..\Run: [oncph] C:\WINDOWS\System32\oncph.exe
O4 - HKLM\..\Run: [ivjb] C:\WINDOWS\System32\ivjb.exe
O4 - HKLM\..\Run: [weqi] C:\WINDOWS\System32\weqi.exe
O4 - HKLM\..\Run: [pkw] C:\WINDOWS\System32\pkw.exe
O4 - HKLM\..\Run: [tfhhy] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [jkwewej] C:\WINDOWS\System32\jkwewej.exe
O4 - HKLM\..\Run: [pwqesuk] C:\WINDOWS\System32\pwqesuk.exe
O4 - HKLM\..\Run: [mnoavpq] C:\WINDOWS\System32\mnoavpq.exe
O4 - HKLM\..\Run: [enqdh] C:\WINDOWS\System32\enqdh.exe
O4 - HKLM\..\Run: [iwsot] C:\WINDOWS\System32\iwsot.exe
O4 - HKLM\..\Run: [ikd] C:\WINDOWS\System32\ikd.exe
O4 - HKLM\..\Run: [zombf] C:\WINDOWS\System32\zombf.exe
O4 - HKLM\..\Run: [ulta] C:\WINDOWS\System32\ulta.exe
O4 - HKLM\..\Run: [lrpe] C:\WINDOWS\System32\lrpe.exe
O4 - HKLM\..\Run: [xoikzp] C:\WINDOWS\System32\xoikzp.exe
O4 - HKLM\..\Run: [rkaoaas] C:\WINDOWS\System32\rkaoaas.exe
O4 - HKLM\..\Run: [edjxw] C:\WINDOWS\System32\edjxw.exe
O4 - HKLM\..\Run: [rwc] C:\WINDOWS\System32\rwc.exe
O4 - HKLM\..\Run: [qccqqzf] C:\WINDOWS\System32\qccqqzf.exe
O4 - HKLM\..\Run: [cndrwp] C:\WINDOWS\System32\cndrwp.exe
O4 - HKLM\..\Run: [bcodj] C:\WINDOWS\System32\bcodj.exe
O4 - HKLM\..\Run: [iuhv] C:\WINDOWS\System32\iuhv.exe
O4 - HKLM\..\Run: [ftfr] C:\WINDOWS\System32\ftfr.exe
O4 - HKLM\..\Run: [hyq] C:\WINDOWS\System32\hyq.exe
O4 - HKLM\..\Run: [bnm] C:\WINDOWS\System32\bnm.exe
O4 - HKLM\..\Run: [uxcdkcq] C:\WINDOWS\System32\uxcdkcq.exe
O4 - HKLM\..\Run: [jaialv] C:\WINDOWS\System32\jaialv.exe
O4 - HKLM\..\Run: [spiolmt] C:\WINDOWS\System32\spiolmt.exe
O4 - HKLM\..\Run: [royf] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [emvkj] C:\WINDOWS\System32\emvkj.exe
O4 - HKLM\..\Run: [afuzki] C:\WINDOWS\System32\afuzki.exe
O4 - HKLM\..\Run: [jhwcds] C:\WINDOWS\System32\jhwcds.exe
O4 - HKLM\..\Run: [oqpm] C:\WINDOWS\System32\oqpm.exe
O4 - HKLM\..\Run: [jvezf] C:\WINDOWS\System32\jvezf.exe
O4 - HKLM\..\Run: [urtdbwg] C:\WINDOWS\System32\urtdbwg.exe
O4 - HKLM\..\Run: [bvp] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [diahk] C:\WINDOWS\System32\diahk.exe
O4 - HKLM\..\Run: [knjlsng] C:\WINDOWS\System32\knjlsng.exe
O4 - HKLM\..\Run: [ddx] C:\WINDOWS\System32\ddx.exe
O4 - HKLM\..\Run: [mliodv] C:\WINDOWS\System32\mliodv.exe
O4 - HKLM\..\Run: [hqph] C:\WINDOWS\System32\hqph.exe
O4 - HKLM\..\Run: [ftjwyc] C:\WINDOWS\System32\ftjwyc.exe
O4 - HKLM\..\Run: [jubog] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [psydmah] C:\WINDOWS\System32\psydmah.exe
O4 - HKLM\..\Run: [ccj] C:\WINDOWS\System32\ccj.exe
O4 - HKLM\..\Run: [ndap] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [xfaghsi] C:\WINDOWS\System32\xfaghsi.exe
O4 - HKLM\..\Run: [ahfqh] C:\WINDOWS\System32\ahfqh.exe
O4 - HKLM\..\Run: [cfjfzju] C:\WINDOWS\System32\cfjfzju.exe
O4 - HKLM\..\Run: [pbbq] C:\WINDOWS\System32\pbbq.exe
O4 - HKLM\..\Run: [jdywycu] C:\WINDOWS\System32\jdywycu.exe
O4 - HKLM\..\Run: [vztiuql] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [fdtvrs] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [tfttfg] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [xicxyqs] C:\WINDOWS\System32\xicxyqs.exe
O4 - HKLM\..\Run: [agjqbu] C:\WINDOWS\System32\agjqbu.exe
O4 - HKLM\..\Run: [strpxat] C:\WINDOWS\System32\strpxat.exe
O4 - HKLM\..\Run: [eebbp] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [iybvj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [kixa] C:\WINDOWS\System32\kixa.exe
O4 - HKLM\..\Run: [cdnhc] C:\WINDOWS\System32\cdnhc.exe
O4 - HKLM\..\Run: [yhuun] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [guni] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [xdytz] C:\WINDOWS\System32\xdytz.exe
O4 - HKLM\..\Run: [iwof] C:\WINDOWS\System32\iwof.exe
O4 - HKLM\..\Run: [jxqk] C:\WINDOWS\System32\jxqk.exe
O4 - HKLM\..\Run: [bpg] C:\WINDOWS\System32\bpg.exe
O4 - HKLM\..\Run: [fwmzx] C:\WINDOWS\System32\fwmzx.exe
O4 - HKLM\..\Run: [ketem] C:\WINDOWS\System32\ketem.exe
O4 - HKLM\..\Run: [only] C:\WINDOWS\System32\only.exe
O4 - HKLM\..\Run: [wmme] C:\WINDOWS\System32\wmme.exe
O4 - HKLM\..\Run: [fapsb] C:\WINDOWS\System32\fapsb.exe
O4 - HKLM\..\Run: [pnxzxoh] C:\WINDOWS\System32\pnxzxoh.exe
O4 - HKLM\..\Run: [phkvss] C:\WINDOWS\System32\phkvss.exe
O4 - HKLM\..\Run: [nenbn] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [cebcio] C:\WINDOWS\System32\cebcio.exe
O4 - HKLM\..\Run: [sryfa] C:\WINDOWS\System32\sryfa.exe
O4 - HKLM\..\Run: [woxug] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [pajsd] C:\WINDOWS\System32\pajsd.exe
O4 - HKLM\..\Run: [lajdrh] C:\WINDOWS\System32\lajdrh.exe
O4 - HKLM\..\Run: [zyxi] C:\WINDOWS\System32\zyxi.exe
O4 - HKLM\..\Run: [htz] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [abib] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [fpad] C:\WINDOWS\System32\fpad.exe
O4 - HKLM\..\Run: [zewu] C:\WINDOWS\System32\zewu.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.0\THGuard.exe"
O4 - HKLM\..\Run: [kxobj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [cgrrnqp] C:\WINDOWS\System32\cgrrnqp.exe
O4 - HKLM\..\Run: [thfx] C:\WINDOWS\System32\thfx.exe
O4 - HKLM\..\Run: [dxuvn] C:\WINDOWS\System32\dxuvn.exe
O4 - HKLM\..\Run: [dvatcz] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [psegd] C:\WINDOWS\System32\psegd.exe
O4 - HKLM\..\Run: [ktxbp] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [gdr] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [budt] C:\WINDOWS\System32\budt.exe
O4 - HKLM\..\Run: [logglt] C:\WINDOWS\System32\logglt.exe
O4 - HKLM\..\Run: [mmunel] C:\WINDOWS\System32\mmunel.exe
O4 - HKLM\..\Run: [olwjkz] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [jbbiqn] C:\WINDOWS\System32\jbbiqn.exe
O4 - HKLM\..\Run: [tpbulk] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [orq] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [hqccu] C:\WINDOWS\System32\hqccu.exe
O4 - HKLM\..\Run: [skp] C:\WINDOWS\System32\skp.exe
O4 - HKLM\..\Run: [efctu] C:\WINDOWS\System32\efctu.exe
O4 - HKLM\..\Run: [evivf] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [dxctrjj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [fjdiuua] C:\WINDOWS\System32\fjdiuua.exe
O4 - HKLM\..\Run: [upedf] C:\WINDOWS\System32\upedf.exe
O4 - HKLM\..\Run: [emizvc] C:\WINDOWS\System32\emizvc.exe
O4 - HKLM\..\Run: [cfergo] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [cyfiql] C:\WINDOWS\System32\cyfiql.exe
O4 - HKLM\..\Run: [yocqkw] C:\WINDOWS\System32\yocqkw.exe
O4 - HKLM\..\Run: [ridxt] C:\WINDOWS\System32\ridxt.exe
O4 - HKLM\..\Run: [ptrhyvo] C:\WINDOWS\System32\ptrhyvo.exe
O4 - HKLM\..\Run: [xmuvt] C:\WINDOWS\System32\xmuvt.exe
O4 - HKLM\..\Run: [fhn] C:\WINDOWS\System32\fhn.exe
O4 - HKLM\..\Run: [auuwpgf] C:\WINDOWS\System32\auuwpgf.exe
O4 - HKLM\..\Run: [nswtkqd] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [hbdozjz] C:\WINDOWS\System32\hbdozjz.exe
O4 - HKLM\..\Run: [bbgleag] C:\WINDOWS\System32\bbgleag.exe
O4 - HKLM\..\Run: [aag] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [zakwrxs] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [txnpcr] C:\WINDOWS\System32\txnpcr.exe
O4 - HKLM\..\Run: [befnm] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [viykop] C:\WINDOWS\System32\viykop.exe
O4 - HKLM\..\Run: [agi] C:\WINDOWS\System32\agi.exe
O4 - HKLM\..\Run: [izlpxl] C:\WINDOWS\System32\izlpxl.exe
O4 - HKLM\..\Run: [jksara] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [sppsuu] C:\WINDOWS\System32\sppsuu.exe
O4 - HKLM\..\Run: [zbwnsdh] C:\WINDOWS\System32\zbwnsdh.exe
O4 - HKLM\..\Run: [tjjqx] C:\WINDOWS\System32\tjjqx.exe
O4 - HKLM\..\Run: [sgabje] C:\WINDOWS\System32\sgabje.exe
O4 - HKLM\..\Run: [xxlxv] C:\WINDOWS\System32\xxlxv.exe
O4 - HKLM\..\Run: [pzgqhl] C:\WINDOWS\System32\pzgqhl.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\File Sharing Revolution\Shareaza.exe" -tray
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/share...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/share...,20/McGDMgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDEDA7E-69B9-4B12-8915-7062CB80B000}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: drct16 - drct16.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\aolavupd.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: OSCM Utility Service - Unknown owner - C:\Documents and Settings\Natasha\My Documents\OSCMUtilityService.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

BC AdBot (Login to Remove)

 


m

#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 30 May 2006 - 03:57 AM

Hello Stark9,

Welcome to Bleeping Computer :thumbsup:

You have a lot going on here, and it will take several posts to take care of it, so hang in there!

One of the features of TrojanHunter is the TrojanHunter Guard used for resident memory scanning. We need to temporarily disable this, as it may interfere with the changes that need to be made during the fix.

To disable this feature, go to the TrojanHunter Guard icon.
(A light blue magnifying glass icon in the lower right corner of the screen.)
Right click it and select: Settings
Uncheck:
-Load at startup
-Enabled

You can re-enable TrojanHunter Guard once we are finished.

You should print out these instructions, or copy them to a Notepad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop. Do not run it yet.

Please download, install, and update the free version of Ewido Anti-Malware:
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • When you run Ewido for the first time, you might get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • From the main Ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes, the status bar at the bottom will display "Update successful"
  • Exit Ewido. DO NOT run a scan yet.
Use Cleanmgr to clean temporary files:

1. Click > start > run and type cleanmgr and click OK
2. Scan your system for files to remove.
3. Make sure Temporary Files, Temporary Internet Files and Recycle Bin are the only things checked.
4. Click OK to remove those files.
5. Click Yes to confirm deletion.

Next, please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.

After SmitfraudFix finishes (and after a reboot if required), please open Ewido. (If a reboot is required, please boot BACK into Safe Mode.)
  • Click on Scanner
  • Click on Complete System Scan and the scan will begin.
  • If ewido finds anything, it will pop up a notification. You can select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
  • When the scan is finished, click the Save report button at the bottom of the screen.
  • Save the report to your desktop
  • Close Ewido
Then please restart it into Normal Windows. Please post the contents of the SmitfraudFix log located at C:\rapport.txt into this thread, along with the Ewido report and a new HijackThis log. NOTE: The Ewido log might be very long, but please post it in its entirety here. :flowers:

Thanks,
tea

Edited by teacup61, 30 May 2006 - 04:01 AM.

Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 Stark9

Stark9
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 30 May 2006 - 08:18 PM

I'have done evertything you told me, and here are the reports of the programs.

SmitFraudFix v2.51

Scan done at 17:04:05.75, Tue 05/30/2006
Run from C:\Documents and Settings\Todos\Desktop\dell\SmitfraudFix\SmitfraudFix21\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode

Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0c7416f0-dd23-420f-97f5-aae352ea2bf1}"="glochid"


Killing process


Deleting infected files

C:\WINDOWS\system32\atmclk.exe Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp???.tmp Deleted
C:\WINDOWS\system32\ld????.tmp Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\regperf.exe Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\ts.ico Deleted
C:\WINDOWS\system32\wfkduei.dll Deleted
C:\DOCUME~1\Todos\FAVORI~1\Antivirus Test Online.url Deleted

Generic Renos Fix

GenericRenosFix by S!Ri


Deleting Temp Files


Registry Cleaning

Registry Cleaning done.

After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


End

[u]

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 8:34:40 PM, 5/30/2006
+ Report-Checksum: 7D75CFB8

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{EE02B99B-1D55-48bc-B8DB-649A42CE45F6} -> Adware.CreatrixMedia : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject -> Adware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject\CLSID -> Adware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject.1 -> Adware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE02B99B-1D55-48bc-B8DB-649A42CE45F6} -> Adware.CreatrixMedia : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bsto-1 -> Adware.BetterInternet : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP39\A0085347.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP40\A0087111.exe -> Downloader.Zlob.qa : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089575.exe -> Downloader.Zlob.pz : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089578.dll -> Trojan.Fakealert : Cleaned with backup
C:\WINDOWS\SYSTEM32\aag.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\aaimim.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\abib.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\abmj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\adgluy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\afuzki.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\agi.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\agjqbu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ahfqh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ake.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\aketk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\aojxb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\apbe.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\atewy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\atu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\auuwpgf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\axsc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\azydn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bbgleag.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bcodj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bddwwg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\befnm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bjb.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\bjx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\blfebgy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bnm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bnsrh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bpg.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\budt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bvp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bwcm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\bys.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\bysaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\caf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ccj.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cdnhc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cebcio.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cfergo.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cficbre.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cfjfzju.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cgd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cgrrnqp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cis.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cjaogty.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\clql.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cndrwp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\coc.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cocaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cpydmo.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\cuoplua.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cvr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cwdo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\cyfiql.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\daa.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dctss.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ddx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\dfcbj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dgkrt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\diahk.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\dkayb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dmiria.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dpgcx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dpwx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dqathxx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dvatcz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dvw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dxctrjj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\dxuvn.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\dzxa.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ecgxr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\edjxw.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\edjxwaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\eebbp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\efctu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ehbgdid.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ehuou.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ejco.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ekhhdvn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ekipi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ekwngb.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ellxifq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\emizvc.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\emvkj.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\enbcvz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\enqdh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\enqdhaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\eproc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\epx30105.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\etnrm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\evivf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fag.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fapsb.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\fcyprf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fdtvrs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fgfte.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fhn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fhnis.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fhp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fjdiuua.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fjqlcvh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fpad.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\fqau.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\frmywuo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ftfr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ftjwyc.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ftmuen.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fvltfw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fvvbq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fwjga.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\fwmzx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\fygigkb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gbends.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\gbendsaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gdr.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\gfljneh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ggns.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ggttysp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gkf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gmqsh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\guni.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\guroggjaeg06.dll -> Downloader.Lastad.r : Cleaned with backup
C:\WINDOWS\SYSTEM32\gvqcoo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gxkaky.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\gxkakyaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\gxkuwl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hbdozjz.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hbpn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hdu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hduaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hgsso.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hhgskq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hjjlpc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hjlyvh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hjlyvhaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hjw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hmsek.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hodgtw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\houjy.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hqccu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hqph.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hrwsrg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\htn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\htqw.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\htqwaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\htz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\husbtwn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\huz.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hxke.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\hyq.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\hysn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iayogm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ick.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ifvc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ihcf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iirzfe.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ijhrs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ikd.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ikdaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ikdvv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ikjiefy.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ikjiefyaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\itju.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\itjuaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iuhv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ivjb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iwof.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iwsot.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\iybvj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\izlpxl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jaialv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jbaip.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jbbiqn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jdywycu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\jfds.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jhpo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jhwcds.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\jib.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jjiqkp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\jjiqkpaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jksara.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jkwewej.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\jonosbb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jqrn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jubog.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jujg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jvezf.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\jvjz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jwgmoz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jxjica.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\jxqk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\kcghxf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\kdho.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\kej.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\kejaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ketem.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\kixa.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\knjlsng.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\koy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\krx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\krxaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ktxbp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\kxobj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\lajdrh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\leydhhk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\liqf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\logglt.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\lpsj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\lrpe.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ltvzdhq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\lvq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\metvefv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mgkurb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mhyqcvs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\miqhly.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mkpt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mkteap.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mliezhu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mliodv.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\mljaqeo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mmunel.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mnoavpq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mopdw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mppsqyn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\muii.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mxbhba.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mxnqp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\myhv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\mzk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nakbj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nbz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ncjbvh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ndap.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\neb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nenbn.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\neqb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nmrz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nqznacf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nrccis.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nswtkqd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntf.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntfaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntqki.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nyeg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\nzi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\oakjrgx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ocdvppl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ocsl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\octn.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\octnaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\odk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\odqg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\oflec.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ofur.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\oiqm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\oizt.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\oiztaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ols.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\olwjkz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\olzui.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\oncph.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\only.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\oqpm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\orq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\otmnhab.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\oxzlppb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ozzz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pajsd.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\pak.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pbbq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pbny.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pcrb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pesvb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\phkvss.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\phmnzza.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pksh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\pkshaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pkw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pnxzxoh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\prjpmue.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\prjpmueaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\psegd.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\psydmah.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\ptrhyvo.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\puiyzub.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pwqesuk.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\pxywmz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\pzgqhl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qccqqzf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qcjd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qjrq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qmkktkd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qqmfdgs.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\qzedmuw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\qzxs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ravx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rbarrsh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rbmnpkj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rdbjouk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rdw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ridxt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\riva.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rkaoaas.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rksr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rlbf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rmbd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rowpeoz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\royf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rpbnjp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\rpbnjpaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rsjgw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rsusv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rtpbg.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\rtpbgaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ruornev.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rus.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rvdle.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rwc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rxlftm.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\rxlftmaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\rzdng.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdfoalb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdiga.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sfs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sgabje.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\shx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\shybfy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\skc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\skp.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\slcg.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\slcgaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\smu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\smuaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\snxh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\snxhaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\spiolmt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sppsuu.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\sqh.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\srdujt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\srfdu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sryfa.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\strpxat.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\sumomi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\syxj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\szax.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tapeaz.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\tapeazaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tayvkjp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\tayvkjpaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tcnxm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tfhhy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tfttfg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\thfx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\tjjqx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\tjutnrb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tnboo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tpbulk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\trrwplz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tur.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\twv.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\twvaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\tww.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\txahxo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\txnpcr.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\tyssi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uay.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\uayaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\udlv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\udwkv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uhl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uitpj.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ujloct.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uknnaig.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ulcggow.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ulfr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ulta.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\umeh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\umk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\unv.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\unvaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\upedf.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\upx.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\uqls.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\uqwer.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\urtdbwg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\urxzve.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uump.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uvel.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\uwvncm.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uxcdkcq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\uyy.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vai.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vbg.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\vcmwf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vdqbk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\veauez.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vfxf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vhxf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vibniq.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\viykop.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\vjusnk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vmfz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vmhw.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\vnacvny.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vqze.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vrafdu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vthhs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vwdrag.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\vyx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\vztiuql.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wbiz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\weasjr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wegpb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\weqi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wjv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wkb.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wkwxknv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmme.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\wmz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wotpyuh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\woxug.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wqwwf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wxo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\wxtf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xbc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xcwdnv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xdytz.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xfaghsi.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xgwlttk.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xhjcph.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xicxyqs.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xlund.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xmczmj.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xmczmjaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xmuvt.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xmybwe.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xoikzp.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\xoikzpaeg05.dll -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xopyu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xqfa.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xrvup.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xrz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xrzaeg06.dll -> Downloader.Lastad.r : Cleaned with backup
C:\WINDOWS\SYSTEM32\xudqvjo.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xwpd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xxlxv.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xypsbie.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xzurr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\xzzrd.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ycjlpl.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ycmdg.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ydepzw.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\yhuun.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\yjab.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\yocqkw.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\yoqaeua.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\yprqoof.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\ypruoc.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\yrt.exe -> Downloader.Lastad.p : Cleaned with backup
C:\WINDOWS\SYSTEM32\yul.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zakwrxs.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zaly.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zbwnsdh.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zcci.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zcezyr.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zdwgbx.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zewu.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zksjz.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\znel.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zombf.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zyxi.exe -> Downloader.Lastad.h : Cleaned with backup
C:\WINDOWS\SYSTEM32\zzjfci.exe -> Downloader.Lastad.h : Cleaned with backup


::Report End


New Hijack This report.

Logfile of HijackThis v1.99.1
Scan saved at 8:41:15 PM, on 5/30/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\EARTHL~1\PROTEC~1\ADSSER~1.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\aolavupd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\SSCRun.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\EarthLink TotalAccess\ProtectionControlCenter\elnk_pcc.exe
c:\program files\common files\aol\1118762116\ee\aolssc.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Documents and Settings\Todos\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Exif Initializer Ver.1.0] C:\Program Files\FUJIFILM\Exif Initializer Ver.1.0\EXIFINIT.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [jubog] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [fdtvrs] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [iybvj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [guni] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [abib] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [gdr] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [tpbulk] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [dxctrjj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [aag] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [EarthLink Installer] "D:\Windows\access\program files\EarthLink TotalAccess\_Setup.exe" /SD:\Windows
O4 - HKLM\..\Run: [Earthlink Protection Control Center] C:\Program Files\EarthLink TotalAccess\ProtectionControlCenter\elnk_pcc.exe /minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.neededware.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/share...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/share...,20/McGDMgr.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: drct16 - drct16.dll (file missing)
O23 - Service: ADSService - Aluria Software, LLC - C:\PROGRA~1\EARTHL~1\PROTEC~1\ADSSER~1.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\

#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 30 May 2006 - 09:39 PM

Hello again,

Restart your computer, and tap the F8 key on your keyboard. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again. Using the arrow keys on the keyboard, scroll to and select the Safe mode menu item, and then press Enter.

Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [jubog] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [fdtvrs] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [iybvj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [guni] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [abib] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [gdr] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [tpbulk] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [dxctrjj] C:\WINDOWS\System32\prjpmue.exe
O4 - HKLM\..\Run: [aag] C:\WINDOWS\System32\prjpmue.exe
O15 - Trusted Zone: http://www.neededware.com
O20 - Winlogon Notify: drct16 - drct16.dll (file missing)


Close all browser and other windows except for HijackThis!, and click "Fix Checked".

Also, delete the following file (if it exists):

C:\WINDOWS\System32\prjpmue.exe

Use Cleanmgr to clean temporary files:

1. Click > start > run and type cleanmgr and click OK
2. Scan your system for files to remove.
3. Make sure Temporary Files, Temporary Internet Files and Recycle Bin are the only things checked.
4. Click OK to remove those files.
5. Click Yes to confirm deletion.

Now open Ewido, click on the Scanner button in the left menu, then click on the Start button. This scan can take quite a while to run, so time to go get a drink and a snack....
If ewido finds anything, it will pop up a notification. You can select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
When the scan finishes, click on "Save Report". This will create a text file. Please restart normally, then paste the contents of the text file to this thread, along with a new HijackThis log.

It really is important to know how your computer is running, so please let me know. :thumbsup:

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 Stark9

Stark9
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 31 May 2006 - 04:55 PM

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:47:29 AM, 5/31/2006
+ Report-Checksum: 203C87FC

+ Scan result:

C:\Documents and Settings\Todos\Cookies\todos@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@bookspan.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@powellsbooks.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Todos\Cookies\todos@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089579.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089580.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089581.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089582.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089583.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089584.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089585.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089586.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089587.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089588.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089589.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089590.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089591.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089592.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089593.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089594.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089595.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089596.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089597.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089598.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089599.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089600.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089601.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089602.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089603.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089604.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089605.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089606.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089607.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089608.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089609.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089610.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089611.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089612.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089613.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089614.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089615.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089616.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089617.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089618.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089619.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089620.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089621.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089622.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089623.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089624.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089625.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089626.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089627.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089628.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089629.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089630.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089631.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089632.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089633.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089634.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089635.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089636.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089637.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089638.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089639.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089640.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089641.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089642.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089643.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089644.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089645.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089646.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089647.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089648.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089649.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089650.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089651.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089652.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089653.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089654.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089655.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089656.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089657.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089658.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089659.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089660.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089661.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089662.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089663.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089664.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089665.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089666.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089667.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089668.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089669.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089670.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089671.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089672.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089673.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089674.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089675.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089676.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089677.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089678.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089679.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089680.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089681.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089682.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089683.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089684.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089685.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089686.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089687.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089688.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089689.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089690.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089691.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089692.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089693.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089694.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089695.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089696.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089697.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089698.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089699.dll -> Downloader.Lastad.r : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089700.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089701.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089702.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089703.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089704.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089705.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089706.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089707.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089708.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089709.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089710.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089711.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089712.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089713.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089714.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089715.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089716.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089717.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089718.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089719.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089720.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089721.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089722.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089723.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089724.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089725.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089726.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089727.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089728.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089729.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089730.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089731.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089732.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089733.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089734.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089735.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089736.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089737.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089738.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089739.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089740.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089741.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089742.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089743.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089744.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089745.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089746.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089747.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089748.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089749.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089750.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089751.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089752.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089753.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089754.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089755.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089756.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089757.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089758.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089759.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089760.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089761.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089762.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089763.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089764.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089765.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089766.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089767.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089768.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089769.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089770.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089771.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089772.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089773.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089774.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089775.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089776.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089777.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089778.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089779.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089780.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089781.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089782.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089783.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089784.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089785.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089786.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089787.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089788.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089789.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089790.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089791.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089792.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089793.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089794.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089795.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089796.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089797.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089798.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089799.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089800.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089801.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089802.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089803.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089804.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089805.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089806.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089807.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089808.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089809.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089810.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089811.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089812.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089813.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089814.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089815.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089816.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089817.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089818.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089819.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089820.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089821.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089822.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089823.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089824.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089825.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089826.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089827.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089828.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089829.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089830.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089831.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089832.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089833.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089834.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089835.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089836.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089837.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089838.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089839.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089840.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089841.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089842.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089843.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089844.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089845.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089846.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089847.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089848.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089849.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089850.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089851.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089852.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089853.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089854.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089855.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089856.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089857.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089858.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089859.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089860.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089861.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089862.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089863.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089864.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089865.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089866.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089867.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089868.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089869.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089870.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089871.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089872.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089873.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089874.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089875.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089876.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089877.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089878.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089879.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089880.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089881.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089882.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089883.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089884.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089885.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089886.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089887.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089888.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089889.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089890.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089891.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089892.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089893.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089894.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089895.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089896.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089897.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089898.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089899.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089900.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089901.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089902.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089903.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089904.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089905.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089906.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089907.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089908.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089909.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089910.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089911.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089912.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089913.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089914.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089915.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089916.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089917.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089918.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089919.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089920.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089921.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089922.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089923.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089924.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089925.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089926.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089927.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089928.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089929.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089930.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089931.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089932.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089933.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089934.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089935.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089936.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089937.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089938.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089939.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089940.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089941.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089942.exe -> Downloader.Lastad.p : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089943.dll -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089944.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089945.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089946.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089947.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089948.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_restore{987E0331-0F01-427C-A58A-7A2E4AABF84D}\RP41\A0089949.exe -> Downloader.Lastad.h : Cleaned with backup
C:\System Volume Information\_rest

Edited by Stark9, 31 May 2006 - 05:05 PM.


#6 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 31 May 2006 - 06:33 PM

Hello,

Can I see a new HijackThis log please? :thumbsup:

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#7 Stark9

Stark9
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 31 May 2006 - 07:56 PM

Here it is. I believe I put it there, but somehow it did not appear, sry for that. Once again, thanks.
By the way my computer is doing ok, although some links to some pages do not work, especially on Internet Explorer, the pages fail to load.

Logfile of HijackThis v1.99.1
Scan saved at 8:53:02 PM, on 5/31/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\EARTHL~1\PROTEC~1\ADSSER~1.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\aolavupd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\antivirus\oasclnt.exe
C:\Program Files\EarthLink TotalAccess\ProtectionControlCenter\elnk_pcc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
c:\program files\common files\aol\1118762116\ee\aolssc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Todos\Local Settings\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
F2 - REG:system.ini: Shell=Explorer.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Exif Initializer Ver.1.0] C:\Program Files\FUJIFILM\Exif Initializer Ver.1.0\EXIFINIT.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1118762116\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscAntiSpywarePlugin\ver1_11_7_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\SSCRun.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\mcafee.com\antivirus\oasclnt.exe
O4 - HKLM\..\Run: [EmailScan] C:\Program Files\mcafee.com\antivirus\mcvsescn.exe
O4 - HKLM\..\Run: [EarthLink Installer] "D:\Windows\access\program files\EarthLink TotalAccess\_Setup.exe" /SD:\Windows
O4 - HKLM\..\Run: [Earthlink Protection Control Center] C:\Program Files\EarthLink TotalAccess\ProtectionControlCenter\elnk_pcc.exe /minimize
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/share...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/share...,20/McGDMgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4CDEDA7E-69B9-4B12-8915-7062CB80B000}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ADSService - Aluria Software, LLC - C:\PROGRA~1\EARTHL~1\PROTEC~1\ADSSER~1.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Antivirus Update Service (aolavupd) - America Online - C:\Program Files\Common Files\AOL\1118762116\ee\services\sscFirewallPlugin\ver1_11_7_1\aolavupd.exe
O23 - Service: EarthLink Firewall Process Path Service (ElnkFWPPService) - Aluria Software, LLC. - C:\PROGRA~1\EARTHL~1\PROTEC~1\EFWPPS~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee McShield (McShield) - McAfee Inc. - C:\PROGRA~1\mcafee.com\ANTIVI~1\mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: OSCM Utility Service - Unknown owner - C:\Documents and Settings\Natasha\My Documents\OSCMUtilityService.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

#8 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 31 May 2006 - 10:05 PM

Hi there,

No need to be sorry whatsoever. :thumbsup: Your log is clean of malware, but there are a couple of potentially harmful things going on in other parts of your computer. We'll address those now.

Your Java is way out of date, which might explain at least part of your current problem, and it leaves your computer very vulnerable to infection.

Updating Java:
  • Go to Start > Control Panel double-click > add/remove programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    It should have a coffee cup next to it:
    Select it and click Remove.
  • Then Download and install the newest version from here:http://www.java.com/en/download/manual.jsp
After you complete that task, use 'Control Panel > Add/Remove Programs' to remove ALL earlier versions of Sun java. You remain vulnerable as long as these remain on your system.

You should know that you're actually doing more harm than good by running 2 Anti Virus programs. (AOL and McAfee) When you do this both programs compete for resources, and the end result is neither does it's best and can cause system instability. I recommend that you choose the one you want to keep, update it, disable the other one, and use it as an on demand only scan occasionally. The same goes for Firewalls, and for the same reason.

Let me know how this goes, and how your computer is running now. :flowers:

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#9 Stark9

Stark9
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 05 June 2006 - 09:53 AM

The computer is running great! Thanks a lot! :thumbsup: But, I still have a question: is there any chance there may be another virus or infection in another sceen name, on this computer? Thanks a lot again for the help! :flowers:

#10 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 05 June 2006 - 07:31 PM

Hi,

I don't see any sign of it, but if you're having problems with another account, please post a new thread to avoid confusion.

MOST IMPORTANT!
Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows, including the latest version of Internet Explorer and SP2. This can patch many of the security holes through which attackers can gain access to your computer. Your current versions are outdated. I cannot stress enough how important this is.

You should definitely maintain a firewall. Some good free firewalls are ZoneAlarm, or Outpost
A tutorial on understanding and using firewalls may be found here.

Below I have included a number of recommendations on how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously! These few simple steps can stave off the vast majority of spyware problems.

In order to protect yourself against spyware, you should consider installing and running the following free programs:

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

IE/Spyad:
It places over 5000 malicious websites and domains in your IE's restricted zone.
IE/Spyad

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/

Please make sure to run your antivirus software regularly, and to keep it up-to-date.

Take care!
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#11 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:11:37 PM

Posted 12 June 2006 - 05:44 PM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users