Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Installed Sygate Personal Firewall And Still Getting Loaded With Spyware


  • This topic is locked This topic is locked
11 replies to this topic

#1 Nerv4Eva

Nerv4Eva

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 22 June 2007 - 06:28 PM

I feel really bad because I went through this process about a month ago and was clean for the 2 weeks thereafter, but now I'll scan with Ad-aware, delete the spyware, and then scan again in an hour and get the same spyware back, even with Sygate up.

Logfile of HijackThis v1.99.1
Scan saved at 7:21:02 PM, on 6/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Meetinghouse\AEGIS SecureConnect\ConnectionClient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\zabkat\xplorer2_lite\xplorer2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\random.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyzap.net/?Enter=Website
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.snapfish.com/hp_spring2006_iconnotebook
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mdc - C:\WINDOWS\SYSTEM32\SsoWindows.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AEGIS SecureConnect Service (AEGIS SecureConnect) - Meetinghouse Data Communications - C:\Program Files\Meetinghouse\AEGIS SecureConnect\ConnectionClient.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Program Files\Spyware Doctor\SDhelper.exe (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 27 June 2007 - 05:32 PM

Hello Nerv4Eva,


I'll scan with Ad-aware, delete the spyware, and then scan again in an hour and get the same spyware back


Please post the log from Ad-aware as I need to see what it is finding.



I see Viewpoint installed. :thumbsup:

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546
I suggest you remove the program now, if you did not install it.

Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.

Viewpoint
Viewpoint Manager
Viewpoint Media Player


If you uninstalled, please navigate to and delete the following folders
C:\Program Files\Viewpoint

Reboot your computer.

You will need to use Internet Explorer for this scan.
Disable your antivirus program and go here to run BitDefender Online Scan.
Click on I Agree.
Avoid clicking on other links as you don't need to try out the full install at this point, just the online scanner.

When the ActiveX Control has loaded, click on "Click here to scan".
Please be patient, as this scan may take a few hours. It all depends on the number of files on your computer.

NOTE: If you are running XP SP2, you may need to click on the Information Bar to allow the ActiveX to install and may need to repeat the BitDefender Online Scan.


When BitDefender completes the scan, select the "Detected Problems" tab.
Click on "Click here to export scan".
Save the file as an HTML to your Desktop.
Then click on the saved file and allow it to open with your browser.
Go to Edit - Select All then copy/paste that log back here.

Post the BitDefender log and a fresh Hijackthis log.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 Nerv4Eva

Nerv4Eva
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 28 June 2007 - 05:33 PM

So, running BitDefender caused my computer to repeatedly shut down, but hey, 5th time's the charm. Here's the report:

BitDefender Online Scanner



Scan report generated at: Thu, Jun 28, 2007 - 18:24:05





Scan path: C:\;D:\;E:\;G:\;







Statistics

Time
02:50:29

Files
500704

Folders
11311

Boot Sectors
4

Archives
15442

Packed Files
29852




Results

Identified Viruses
14

Infected Files
209

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
377




Engines Info

Virus Definitions
607591

Engine build
AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\Chris Thai\Temporary Internet Files\Content.IE5\0V492B07\popup[1].htm
Infected with: Trojan.Clicker.CM

C:\Documents and Settings\Chris Thai\Temporary Internet Files\Content.IE5\0V492B07\popup[1].htm
Disinfection failed

C:\Documents and Settings\Chris Thai\Temporary Internet Files\Content.IE5\0V492B07\popup[1].htm
Deleted

C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008
Infected with: Trojan.Click.HD

C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008
Disinfection failed

C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe=>wise0008
Deleted

C:\SWSETUP\AOLMN\SP31524.exe=>(CAB Sfx o)=>\musicnow1.exe
Update failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP260\A0068620.dll
Infected with: MemScan:Trojan.Virtumod.JQ

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP260\A0068620.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP260\A0068620.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP266\A0077637.dll
Infected with: Trojan.Virtumod.JQ

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP266\A0077637.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP266\A0077637.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP271\A0083734.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP271\A0083734.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP271\A0083734.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084840.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084840.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084840.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084841.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084841.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084841.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084842.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084842.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084842.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084843.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084843.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084843.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084844.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084844.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084844.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084845.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084845.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084845.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084846.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084846.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084846.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084847.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084847.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084847.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084848.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084848.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084848.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084849.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084849.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084849.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084850.dll
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084850.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084850.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084851.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084851.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084851.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084852.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084852.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084852.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084853.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084853.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084853.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084854.dll
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084854.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP272\A0084854.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085910.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085910.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085912.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085912.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085913.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085913.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085914.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085914.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085915.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085915.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085916.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085916.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085917.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085917.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085917.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085918.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085918.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085919.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085919.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085920.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085920.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085920.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085921.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085921.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085922.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085922.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085923.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085923.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085923.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085924.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085924.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085925.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085925.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085926.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085926.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085926.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085927.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085927.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085928.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085928.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085929.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085929.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085929.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085930.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085930.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085931.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085931.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085932.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085932.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085933.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085933.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085933.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085934.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085934.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085934.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085935.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085935.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085936.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085936.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085936.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085937.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085937.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085938.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085938.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085938.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085939.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085939.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085940.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085940.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085940.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085941.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085941.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085941.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085942.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085942.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085943.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085943.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085944.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085944.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085945.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085945.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085945.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085946.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085946.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085947.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085947.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085948.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085948.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085949.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085949.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085950.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085950.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085951.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085951.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085952.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085952.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085953.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085953.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085954.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085954.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085955.dll=>(Quarantine-2)
Infected with: Trojan.Virtumod.JQ

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085955.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085955.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085956.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085956.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085957.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085957.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085959.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085959.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085960.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085960.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085961.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085961.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085962.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085962.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085963.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085963.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085964.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085964.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085965.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085965.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085966.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085966.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085966.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085967.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085967.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085968.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085968.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085969.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085969.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085970.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085970.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085971.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085971.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085972.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085972.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085973.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085973.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085974.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085974.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085975.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085975.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085975.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085976.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085976.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085977.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085977.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085978.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085978.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085979.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085979.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085980.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085980.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085980.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085981.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085981.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085982.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085982.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085982.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085983.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085983.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085984.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085984.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085985.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085985.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085986.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085986.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085987.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085987.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085988.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085988.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085989.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085989.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085989.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085990.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085990.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085990.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085991.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085991.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085992.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085992.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085993.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085993.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085994.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085994.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085995.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085995.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085996.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085996.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085996.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085997.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085997.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085998.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085998.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085999.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0085999.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0086000.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0086000.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0086001.dll=>(Quarantine-2)
Infected with: Trojan.BHO.AR

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0086001.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP273\A0086001.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090031.dll
Infected with: MemScan:Trojan.BHO.BG

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090031.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090031.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090856.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090856.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090856.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090857.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090857.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090857.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090858.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090858.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090858.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090861.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090861.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090861.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090862.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090862.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090862.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090863.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090863.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP275\A0090863.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP280\A0092293.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP280\A0092293.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP280\A0092293.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094318.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094318.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094318.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094319.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094319.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0094319.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095315.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095315.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095315.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095316.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095316.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095316.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095317.dll
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095317.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095317.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095318.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095318.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095318.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095324.dll
Infected with: MemScan:Trojan.Virtumod.JQ

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095324.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP281\A0095324.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP282\A0096399.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP282\A0096399.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP282\A0096399.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP285\A0100368.dll
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP285\A0100368.dll
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP285\A0100368.dll
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0123669.exe=>(Quarantine-2)
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0123669.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0123669.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125667.exe
Infected with: Trojan.Click.HD

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125667.exe
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125667.exe
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125668.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125668.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125669.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125669.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125670.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125670.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125671.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125671.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125672.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125672.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125673.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125673.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125674.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125674.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125675.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125675.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125676.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125676.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125676.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125677.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125677.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125678.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125678.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125679.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125679.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125680.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125680.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125681.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125681.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125682.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125682.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125683.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125683.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125684.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125684.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125685.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125685.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125686.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125686.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125687.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125687.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125687.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125688.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125688.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125689.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125689.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125690.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125690.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125691.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125691.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125692.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125692.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125693.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125693.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125694.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125694.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125695.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125695.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125696.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125696.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125697.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125697.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125698.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125698.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125699.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125699.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125700.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125700.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125701.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125701.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125702.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125702.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125703.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125703.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125704.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125704.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125705.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125705.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125706.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125706.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125707.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125707.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125708.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125708.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125709.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125709.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125710.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125710.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125711.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125711.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125711.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125712.dll=>(Quarantine-2)
Infected with: Trojan.Bho.O

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125712.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125712.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125713.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125713.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125713.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125714.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125714.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125714.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125715.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125715.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125716.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125716.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125717.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125717.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125718.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125718.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125719.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125719.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125720.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125720.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125721.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125721.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125722.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125722.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125723.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125723.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125724.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125724.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125725.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125725.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125726.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125726.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125727.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125727.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125728.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125728.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125729.DLL=>(Quarantine-2)
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125729.DLL=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125729.DLL=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125730.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125730.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125731.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125731.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125732.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125732.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125733.dll=>(Quarantine-2)
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125733.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125733.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125734.dll=>(Quarantine-2)
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125734.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125734.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125735.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125735.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125735.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125736.dll=>(Quarantine-2)
Infected with: Trojan.Vundo.AY

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125736.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125736.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125737.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125737.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125738.dll=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125738.dll=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125738.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125739.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125739.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125740.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125740.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125741.exe=>(Quarantine-2)
Infected with: Trojan.Obfus.Gen

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125741.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125741.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125742.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125742.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125743.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125743.dll=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125744.dll=>(Quarantine-2)
Infected with: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{92EC12A7-009B-4D77-899D-FF91068A8284}\RP311\A0125744.dll=>(Quarantine-2)
Deleted

C:\tskmgr.exe
Infected with: Trojan.Downloader.Agent.AZR

C:\tskmgr.exe
Disinfection failed

C:\tskmgr.exe
Deleted

C:\WINDOWS\temp\winCAB.tmp.exe
Infected with: Trojan.Agent.QT

C:\WINDOWS\temp\winCAB.tmp.exe
Disinfection failed

C:\WINDOWS\temp\winCAB.tmp.exe
Deleted

C:\WINDOWS\temp\winE8A.tmp.exe
Infected with: Trojan.Agent.AIM

C:\WINDOWS\temp\winE8A.tmp.exe
Disinfection failed

C:\WINDOWS\temp\winE8A.tmp.exe
Deleted

#4 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 28 June 2007 - 05:48 PM

Hello Nerv4Eva,

You forgot to post a fresh Hijackthis log.
Bitdefender found and removed many viruses. :thumbsup:
How is your computer running now?
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 Nerv4Eva

Nerv4Eva
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 28 June 2007 - 06:25 PM

Here's the Ad-Aware log file:


Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, June 28, 2007 6:33:22 PM
Using definitions file:SE1R176 19.06.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):12 total references
Tracking Cookie(TAC index:3):50 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


6-28-2007 6:33:22 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Chris Thai\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 920
ThreadCreationTime : 6-28-2007 7:29:16 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 976
ThreadCreationTime : 6-28-2007 7:29:18 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1000
ThreadCreationTime : 6-28-2007 7:29:20 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1044
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1056
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1216
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1300
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1444
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [smc.exe]
FilePath : C:\Program Files\Sygate\SPF\
ProcessID : 1516
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 5.6.00.2808
ProductVersion : 5.6.00.2808
ProductName : Sygate® Security Agent and Personal Firewall
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
LegalCopyright : Copyright © 1999 - 2004 Sygate Technologies, Inc. All rights reserved.
OriginalFilename : Smc.EXE

#:10 [connectionclient.exe]
FilePath : C:\Program Files\Meetinghouse\AEGIS SecureConnect\
ProcessID : 1596
ThreadCreationTime : 6-28-2007 7:29:21 PM
BasePriority : Normal
FileVersion : 4.0.2.4179
ProductVersion : 4.0.2.4179
ProductName : AEGIS SecureConnect
CompanyName : Meetinghouse Data Communications
FileDescription : Establishes secure, authenticated WiFi or Ethernet connections for this computer.
InternalName : ConnectionClient
LegalCopyright : © Meetinghouse Data Communications Inc. 2006
OriginalFilename : ConnectionClient.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1668
ThreadCreationTime : 6-28-2007 7:29:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1840
ThreadCreationTime : 6-28-2007 7:29:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2040
ThreadCreationTime : 6-28-2007 7:29:23 PM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:14 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 232
ThreadCreationTime : 6-28-2007 7:29:24 PM
BasePriority : Normal
FileVersion : 5.5.6.604
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002 - 2007 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:15 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 528
ThreadCreationTime : 6-28-2007 7:29:24 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:16 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 584
ThreadCreationTime : 6-28-2007 7:29:24 PM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:17 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1940
ThreadCreationTime : 6-28-2007 7:29:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:18 [msdtc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 360
ThreadCreationTime : 6-28-2007 7:29:33 PM
BasePriority : Normal
FileVersion : 2001.12.4414.258
ProductVersion : 03.01.00.4414
ProductName : Microsoft Distributed Transaction Coordinator
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
LegalCopyright : Copyright © Microsoft Corp. 1995-1998
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation

#:19 [aluschedulersvc.exe]
FilePath : C:\Program Files\Symantec\LiveUpdate\
ProcessID : 452
ThreadCreationTime : 6-28-2007 7:29:33 PM
BasePriority : Normal
FileVersion : 3.0.0.171
ProductVersion : 3.0.0.171
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : Automatic LiveUpdate Scheduler Service
InternalName : Automatic LiveUpdate Scheduler Service
LegalCopyright : Copyright © 1996-2005 Symantec Corporation
OriginalFilename : ALUSchedulerSvc.exe

#:20 [btwdins.exe]
FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\bin\
ProcessID : 468
ThreadCreationTime : 6-28-2007 7:29:33 PM
BasePriority : Normal
FileVersion : 4.0.1.3400
ProductVersion : 4.0.1.3400
ProductName : Bluetooth Software 4.0.1.3400
CompanyName : Broadcom Corporation.
FileDescription : Bluetooth Support Server
InternalName : BTWDIns
LegalCopyright : Copyright 2000-2006, Broadcom Corporation.
OriginalFilename : BTWDIns.EXE

#:21 [ehrecvr.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 640
ThreadCreationTime : 6-28-2007 7:29:33 PM
BasePriority : Above Normal
FileVersion : 5.1.2715.3011 (xpsp(wmbla).061009-1511)
ProductVersion : 5.1.2715.3011
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Receiver Service
InternalName : ehRecvr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehRecvr.exe

#:22 [ehsched.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 668
ThreadCreationTime : 6-28-2007 7:29:33 PM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Scheduler Service
InternalName : ehSched
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehSched.exe

#:23 [lssrvc.exe]
FilePath : C:\Program Files\Common Files\LightScribe\
ProcessID : 768
ThreadCreationTime : 6-28-2007 7:29:34 PM
BasePriority : Normal
FileVersion : 1.4.74.1
ProductName : LightScribe
CompanyName : Hewlett-Packard Company
LegalCopyright : © Copyright 2003-2006 Hewlett-Packard Development Company, LP
OriginalFilename : LSSrvc.exe

#:24 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1240
ThreadCreationTime : 6-28-2007 7:29:37 PM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:25 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1344
ThreadCreationTime : 6-28-2007 7:29:37 PM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:26 [richvideo.exe]
FilePath : C:\Program Files\CyberLink\Shared files\
ProcessID : 1504
ThreadCreationTime : 6-28-2007 7:29:37 PM
BasePriority : Normal
FileVersion : 1.1.0808
ProductVersion : 1.1.0808
ProductName : RichVideo Module
FileDescription : RichVideo Module
InternalName : RichVideo
LegalCopyright : Copyright 2004
OriginalFilename : RichVideo.EXE

#:27 [svcntaux.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 1568
ThreadCreationTime : 6-28-2007 7:29:37 PM
BasePriority : Normal
FileVersion : 5.0.0.23
ProductVersion : 5.0
CompanyName : PC Tools
LegalCopyright : Copyright © 2006 PC Tools. All rights reserved.

#:28 [swdsvc.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 1880
ThreadCreationTime : 6-28-2007 7:29:37 PM
BasePriority : Normal
FileVersion : 5.0.0.59
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Service
LegalCopyright : Copyright © 2006 PC Tools. All rights reserved.

#:29 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2120
ThreadCreationTime : 6-28-2007 7:29:38 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:30 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2148
ThreadCreationTime : 6/28/2007 7:29:38 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:31 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 2224
ThreadCreationTime : 6/28/2007 7:29:39 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:32 [hpqwmiex.exe]
FilePath : C:\Program Files\Hewlett-Packard\Shared\
ProcessID : 2352
ThreadCreationTime : 6/28/2007 7:29:39 PM
BasePriority : Normal
FileVersion : 2, 0, 1, 8
ProductVersion : 2, 0, 1, 8
ProductName : hpqwmiex Module
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : hpqwmiex Module
InternalName : hpqwmiex
LegalCopyright : © Copyright 2003-2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : hpqwmiex.EXE

#:33 [mcrdsvc.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 2384
ThreadCreationTime : 6/28/2007 7:29:39 PM
BasePriority : Normal
FileVersion : 4.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 4.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : MCRD Device Service
InternalName : McrdSvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : McrdSvc.exe

#:34 [mqsvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2464
ThreadCreationTime : 6/28/2007 7:29:39 PM
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Message Queuing Service
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows NT™ is a trademark of Microsoft Corporation
OriginalFilename : MQSVC.EXE

#:35 [mqtgsvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2772
ThreadCreationTime : 6/28/2007 7:29:41 PM
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Windows NT MSMQ Trigger Service
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows NT™ is a trademark of Microsoft Corporation
OriginalFilename : QMTGSVC.EXE

#:36 [dllhost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3108
ThreadCreationTime : 6/28/2007 7:29:50 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dllhost.exe

#:37 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 3248
ThreadCreationTime : 6/28/2007 7:29:51 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:38 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3896
ThreadCreationTime : 6/28/2007 7:30:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:39 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 3716
ThreadCreationTime : 6/28/2007 7:30:36 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:40 [ehtray.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 3668
ThreadCreationTime : 6/28/2007 7:30:53 PM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Tray Applet
InternalName : ehtray
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehtray.exe

#:41 [hp wireless assistant.exe]
FilePath : C:\Program Files\hpq\HP Wireless Assistant\
ProcessID : 3028
ThreadCreationTime : 6/28/2007 7:30:55 PM
BasePriority : Normal
FileVersion : 2, 0, 5, 1
ProductVersion : 2, 0, 5, 1
ProductName : HP Wireless Assistant
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP Wireless Assistant Module
InternalName : HP Wireless Assistant
LegalCopyright : © Copyright 2005, 2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : HP Wireless Assistant.exe

#:42 [ehmsas.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 1392
ThreadCreationTime : 6/28/2007 7:30:55 PM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Media Status Aggregator Service
InternalName : eHMSAS
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehMSAS.exe

#:43 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2188
ThreadCreationTime : 6/28/2007 7:30:56 PM
BasePriority : Normal
FileVersion : 3.0.0.4543
ProductVersion : 7.0.0.4543
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:44 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2912
ThreadCreationTime : 6/28/2007 7:30:57 PM
BasePriority : Normal
FileVersion : 3.0.0.4543
ProductVersion : 7.0.0.4543
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:45 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1836
ThreadCreationTime : 6/28/2007 7:30:59 PM
BasePriority : Normal
FileVersion : 8.2.16.4 03Mar06
ProductVersion : 8.2.16.4 03Mar06
ProductName : Synaptics Pointing Device Driver
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Synaptics Enhancements Application
LegalCopyright : Copyright © Synaptics, Inc. 1996-2006
OriginalFilename : SynTPEnh.exe

#:46 [qpservice.exe]
FilePath : C:\Program Files\HP\QuickPlay\
ProcessID : 3656
ThreadCreationTime : 6/28/2007 7:31:00 PM
BasePriority : Normal
FileVersion : 4.5.0.0000
ProductVersion : 4.5.0.0000
ProductName : HP QuickPlay
CompanyName : CyberLink Corp.
FileDescription : HP QuickPlay Resident Program
InternalName : HP QuickPlay Resident Program
LegalCopyright : Copyright © 2005 CyberLink Corp.
OriginalFilename : QPService.exe

#:47 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 3840
ThreadCreationTime : 6/28/2007 7:31:02 PM
BasePriority : Normal
FileVersion : 4, 60, 100, 37068
ProductVersion : 4, 60
ProductName : InstallShield Update Service
CompanyName : Macrovision Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : issch.exe

#:48 [qlbctrl.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\
ProcessID : 3852
ThreadCreationTime : 6/28/2007 7:31:03 PM
BasePriority : Normal
FileVersion : 6, 0, 5, 1
ProductVersion : 6, 0, 5, 1
ProductName : HP Quick Launch Buttons
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : QLB Controller
InternalName : QLBCTRL.exe
LegalCopyright : © Copyright 2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : QLBCTRL.exe

#:49 [hpqtoa~1.exe]
FilePath : C:\PROGRA~1\HPQ\Shared\
ProcessID : 928
ThreadCreationTime : 6/28/2007 7:31:04 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HpqToaster Module
FileDescription : HpqToaster Module
InternalName : HpqToaster
LegalCopyright : Copyright 2005
OriginalFilename : HpqToaster.EXE

#:50 [vsnpstd2.exe]
FilePath : C:\WINDOWS\
ProcessID : 3604
ThreadCreationTime : 6/28/2007 7:31:09 PM
BasePriority : Normal
FileVersion : 1, 0, 1, 2
ProductVersion : 1, 0, 1, 2
ProductName : CameraMonitor Application
FileDescription : CameraMonitor MFC Application
InternalName : CameraMonitor
LegalCopyright : Copyright © 2002-2004
OriginalFilename : CameraMonitor.EXE

#:51 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 3300
ThreadCreationTime : 6/28/2007 7:31:12 PM
BasePriority : Normal
FileVersion : 7.1.0.59
ProductVersion : 7.1.0.59
ProductName : iTunes
CompanyName : Apple Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2007 Apple Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:52 [hpwuschd2.exe]
FilePath : C:\Program Files\Hp\HP Software Update\
ProcessID : 2968
ThreadCreationTime : 6/28/2007 7:31:15 PM
BasePriority : Normal
FileVersion : 50.0.146.000
ProductVersion : 050.000.146.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:53 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 3736
ThreadCreationTime : 6/28/2007 7:31:18 PM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:54 [sdtrayapp.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 596
ThreadCreationTime : 6/28/2007 7:31:18 PM
BasePriority : Normal
FileVersion : 5.0.0.38
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Tray
LegalCopyright : Copyright © 2007 PC Tools. All rights reserved.

#:55 [aim6.exe]
FilePath : C:\Program Files\AIM6\
ProcessID : 2396
ThreadCreationTime : 6/28/2007 7:31:22 PM
BasePriority : Normal
FileVersion : 1.4.9.1
ProductVersion : 1.4.9.1
ProductName : AOL Service Libraries
CompanyName : AOL LLC
FileDescription : AIM
InternalName : AOLSoftware
LegalCopyright : © 2007 AOL LLC.
OriginalFilename : AOLSoftware.exe

#:56 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 2348
ThreadCreationTime : 6/28/2007 7:31:22 PM
BasePriority : Normal
FileVersion : 7.1.0.59
ProductVersion : 7.1.0.59
ProductName : iTunes
CompanyName : Apple Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2007 Apple Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:57 [bttray.exe]
FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\
ProcessID : 200
ThreadCreationTime : 6/28/2007 7:31:30 PM
BasePriority : Normal
FileVersion : 4.0.1.3400
ProductVersion : 4.0.1.3400
ProductName : Bluetooth Software 4.0.1.3400
CompanyName : Broadcom Corporation.
FileDescription : Bluetooth Tray Application
InternalName : BTTray
LegalCopyright : Copyright 2000-2006, Broadcom Corporation.
OriginalFilename : BTTray.exe

#:58 [aolsoftware.exe]
FilePath : C:\Program Files\AIM6\
ProcessID : 3584
ThreadCreationTime : 6/28/2007 7:31:31 PM
BasePriority : Normal
FileVersion : 1.5.6.1
ProductVersion : 1.5.6.1
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOL
InternalName : AOLSoftware
LegalCopyright : © 2006 America Online, Inc.
OriginalFilename : AOLSoftware.exe

#:59 [hpqimzone.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 1396
ThreadCreationTime : 6/28/2007 7:31:40 PM
BasePriority : Normal


#:60 [maxthon.exe]
FilePath : C:\Program Files\Maxthon\
ProcessID : 5756
ThreadCreationTime : 6/28/2007 10:21:08 PM
BasePriority : Normal
FileVersion : 1, 6, 1, 22
ProductVersion : 1, 6, 1, 22
ProductName : Maxthon Application
CompanyName : Maxthon International Ltd.
FileDescription : Maxthon Web Browser
InternalName : Maxthon
LegalCopyright : Copyright © 2002
LegalTrademarks : Maxthon
OriginalFilename : Maxthon.EXE

#:61 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 5232
ThreadCreationTime : 6/28/2007 10:32:33 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:62 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Professional\
ProcessID : 3660
ThreadCreationTime : 6/28/2007 10:33:07 PM
BasePriority : Normal
FileVersion : 6.2.0.238
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 12


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 12


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 12


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adbrite[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:314
Value : Cookie:chris thai@adbrite.com/
Expires : 6/27/2008 4:16:00 AM
LastSync : Hits:314
UseCount : 0
Hits : 314

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:chris thai@statcounter.com/
Expires : 6/26/2012 4:03:02 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:39
Value : Cookie:chris thai@ads.pointroll.com/
Expires : 12/31/2009 8:00:00 PM
LastSync : Hits:39
UseCount : 0
Hits : 39

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:100
Value : Cookie:chris thai@serving-sys.com/
Expires : 12/31/2037 6:00:00 PM
LastSync : Hits:100
UseCount : 0
Hits : 100

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:83
Value : Cookie:chris thai@fastclick.net/
Expires : 6/27/2009 3:58:18 AM
LastSync : Hits:83
UseCount : 0
Hits : 83

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:chris thai@atdmt.com/
Expires : 6/25/2012 8:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ad.yieldmanager[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:919
Value : Cookie:chris thai@ad.yieldmanager.com/
Expires : 6/27/2009 4:15:58 AM
LastSync : Hits:919
UseCount : 0
Hits : 919

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@specificclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:247
Value : Cookie:chris thai@specificclick.net/
Expires : 6/25/2017 4:16:00 AM
LastSync : Hits:247
UseCount : 0
Hits : 247

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adserver.easyad[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@adserver.easyad.info/
Expires : 6/22/2017 12:10:54 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@tremor.adbureau[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chris thai@tremor.adbureau.net/
Expires : 2/29/2012 8:00:00 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@4.adbrite[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:chris thai@4.adbrite.com/
Expires : 6/28/2007 8:52:34 PM
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@tacoda[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:56
Value : Cookie:chris thai@tacoda.net/
Expires : 6/26/2008 9:18:38 PM
LastSync : Hits:56
UseCount : 0
Hits : 56

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@entrepreneur.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@entrepreneur.122.2o7.net/
Expires : 6/23/2012 12:10:44 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@kontera[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:chris thai@kontera.com/
Expires : 6/25/2008 11:43:38 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@fortunecity[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@fortunecity.com/
Expires : 12/31/2020 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:chris thai@tribalfusion.com/
Expires : 6/26/2008 4:19:48 PM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@ads.revsci.net/adserver
Expires : 6/20/2039 4:15:58 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ads.addynamix[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@ads.addynamix.com/
Expires : 6/28/2007 11:59:52 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:chris thai@advertising.com/
Expires : 6/25/2012 9:32:24 PM
LastSync : Hits:44
UseCount : 0
Hits : 44

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@edge.ru4.com/
Expires : 6/20/2037 4:05:06 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@as-eu.falkag.net/
Expires : 6/27/2007 2:08:02 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@mediaplex.com/
Expires : 6/21/2009 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@adrevolver.com/
Expires : 6/26/2008 9:00:02 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@bs.serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:chris thai@bs.serving-sys.com/
Expires : 12/31/2037 6:00:00 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:chris thai@trafficmp.com/
Expires : 6/26/2008 12:22:24 AM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@viewpoint[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@viewpoint.com/
Expires : 1/17/2038 8:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:chris thai@doubleclick.net/
Expires : 6/27/2010 3:51:18 AM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@videoegg.adbureau[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@videoegg.adbureau.net/
Expires : 2/27/2008 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@revsci[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:chris thai@revsci.net/
Expires : 12/30/2037 11:00:00 PM
LastSync : Hits:17
UseCount : 0
Hits : 17

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@insightexpressai[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:chris thai@insightexpressai.com/
Expires : 6/26/2012 11:38:18 PM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@realmedia.com/
Expires : 12/31/2020 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@data.coremetrics[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@data.coremetrics.com/
Expires : 6/27/2022 10:29:46 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@media.adrevolver.com/adrevolver/
Expires : 3/17/2010 5:19:36 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@longandfoster.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@longandfoster.112.2o7.net/
Expires : 6/25/2012 8:05:50 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ads.infinite-ads[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:chris thai@ads.infinite-ads.com/
Expires : 6/25/2017 4:09:48 AM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adserver.softwareonline[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@adserver.softwareonline.com/
Expires : 12/30/1899
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@statse.webtrendslive[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:chris thai@statse.webtrendslive.com/
Expires : 6/24/2017 6:40:46 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@digitalpoint[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:32
Value : Cookie:chris thai@digitalpoint.com/
Expires : 7/2/2007 12:10:16 PM
LastSync : Hits:32
UseCount : 0
Hits : 32

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@metacafe.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@metacafe.122.2o7.net/
Expires : 6/23/2012 5:57:54 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:chris thai@2o7.net/
Expires : 6/25/2012 9:32:24 PM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:chris thai@247realmedia.com/
Expires : 12/31/2020 8:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ad.iconadserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@ad.iconadserver.com/
Expires : 7/11/2007 11:59:24 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@cbs.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@cbs.112.2o7.net/
Expires : 6/25/2012 9:18:38 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@partners.webmasterplan[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:chris thai@partners.webmasterplan.com/
Expires : 6/27/2017 6:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:33
Value : Cookie:chris thai@questionmarket.com/
Expires : 8/17/2008 8:12:38 PM
LastSync : Hits:33
UseCount : 0
Hits : 33

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@bfast.com/
Expires : 6/25/2027 3:17:36 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:58
Value : Cookie:chris thai@zedo.com/
Expires : 6/23/2017 1:57:08 AM
LastSync : Hits:58
UseCount : 0
Hits : 58

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@reduxads.valuead[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:chris thai@reduxads.valuead.com/
Expires : 12/31/2020 8:00:00 PM
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@sextracker.com/
Expires : 6/28/2007 12:09:56 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@overture.com/
Expires : 6/24/2017 9:18:36 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 50
Objects found so far: 62



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 62


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 62


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 62




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 62

7:08:47 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:35:24.938
Objects scanned:269480
Objects identified:50
Objects ignored:0
New critical objects:50

#6 Nerv4Eva

Nerv4Eva
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 28 June 2007 - 06:28 PM

And here's the HijackThis log file. Sorry for the delay between the bitDefender log and th Ad-Aware log. The computer seems to be running as it normally does.

Logfile of HijackThis v1.99.1
Scan saved at 7:27:20 PM, on 6/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Meetinghouse\AEGIS SecureConnect\ConnectionClient.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\Program Files\zabkat\xplorer2_lite\xplorer2.exe
C:\Program Files\Hijackthis\random.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pyzap.net/?Enter=Website
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.snapfish.com/hp_spring2006_iconnotebook
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mdc - C:\WINDOWS\SYSTEM32\SsoWindows.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AEGIS SecureConnect Service (AEGIS SecureConnect) - Meetinghouse Data Communications - C:\Program Files\Meetinghouse\AEGIS SecureConnect\ConnectionClient.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Program Files\Spyware Doctor\SDhelper.exe (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

#7 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 28 June 2007 - 06:30 PM

post removed.

Edited by SifuMike, 28 June 2007 - 06:31 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#8 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 28 June 2007 - 06:35 PM

Hi Nerv4Eva,

Your log looks clean! :thumbsup:

MRU List Object Recognized!

MRU are Most Recently Used. It is not really a problem. I turn off the checking for MRU's in
AdAware. But you can safely delete them if you wish (MRU - Most
Recently Used).



Please read and follow How did I get infected?, With steps so it does not happen again!

If you want to improve speed/system performance after malware removal, take a look here.

Edited by SifuMike, 28 June 2007 - 06:39 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 Nerv4Eva

Nerv4Eva
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 28 June 2007 - 10:59 PM

But see, I haven't used my computer since I last posted I just ran Ad-Aware and found 27 "tracking cookies" (I forgot to deselect the inclusion of mru's) and I didn't even go through a comlete scan. Also, my internet is running a bit sluggish.

Here's the log just in case:


Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, June 28, 2007 11:50:00 PM
Using definitions file:SE1R176 19.06.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):7 total references
Tracking Cookie(TAC index:3):27 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


6-28-2007 11:50:00 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Chris Thai\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-16049337-4193673194-2348753937-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 916
ThreadCreationTime : 6-29-2007 3:14:25 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 972
ThreadCreationTime : 6-29-2007 3:14:28 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 996
ThreadCreationTime : 6-29-2007 3:14:29 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1040
ThreadCreationTime : 6-29-2007 3:14:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1076
ThreadCreationTime : 6-29-2007 3:14:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1216
ThreadCreationTime : 6-29-2007 3:14:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1304
ThreadCreationTime : 6-29-2007 3:14:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1448
ThreadCreationTime : 6-29-2007 3:14:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [smc.exe]
FilePath : C:\Program Files\Sygate\SPF\
ProcessID : 1500
ThreadCreationTime : 6-29-2007 3:14:31 AM
BasePriority : Normal
FileVersion : 5.6.00.2808
ProductVersion : 5.6.00.2808
ProductName : Sygate® Security Agent and Personal Firewall
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
LegalCopyright : Copyright © 1999 - 2004 Sygate Technologies, Inc. All rights reserved.
OriginalFilename : Smc.EXE

#:10 [connectionclient.exe]
FilePath : C:\Program Files\Meetinghouse\AEGIS SecureConnect\
ProcessID : 1604
ThreadCreationTime : 6-29-2007 3:14:31 AM
BasePriority : Normal
FileVersion : 4.0.2.4179
ProductVersion : 4.0.2.4179
ProductName : AEGIS SecureConnect
CompanyName : Meetinghouse Data Communications
FileDescription : Establishes secure, authenticated WiFi or Ethernet connections for this computer.
InternalName : ConnectionClient
LegalCopyright : © Meetinghouse Data Communications Inc. 2006
OriginalFilename : ConnectionClient.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1692
ThreadCreationTime : 6-29-2007 3:14:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1848
ThreadCreationTime : 6-29-2007 3:14:32 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 196
ThreadCreationTime : 6-29-2007 3:14:33 AM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:14 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 484
ThreadCreationTime : 6-29-2007 3:14:33 AM
BasePriority : Normal
FileVersion : 5.5.6.604
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002 - 2007 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:15 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 540
ThreadCreationTime : 6-29-2007 3:14:33 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:16 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 580
ThreadCreationTime : 6-29-2007 3:14:34 AM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:17 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1860
ThreadCreationTime : 6-29-2007 3:14:36 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:18 [msdtc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 368
ThreadCreationTime : 6-29-2007 3:14:42 AM
BasePriority : Normal
FileVersion : 2001.12.4414.258
ProductVersion : 03.01.00.4414
ProductName : Microsoft Distributed Transaction Coordinator
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
LegalCopyright : Copyright © Microsoft Corp. 1995-1998
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation

#:19 [aluschedulersvc.exe]
FilePath : C:\Program Files\Symantec\LiveUpdate\
ProcessID : 524
ThreadCreationTime : 6-29-2007 3:14:43 AM
BasePriority : Normal
FileVersion : 3.0.0.171
ProductVersion : 3.0.0.171
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : Automatic LiveUpdate Scheduler Service
InternalName : Automatic LiveUpdate Scheduler Service
LegalCopyright : Copyright © 1996-2005 Symantec Corporation
OriginalFilename : ALUSchedulerSvc.exe

#:20 [btwdins.exe]
FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\bin\
ProcessID : 624
ThreadCreationTime : 6-29-2007 3:14:43 AM
BasePriority : Normal
FileVersion : 4.0.1.3400
ProductVersion : 4.0.1.3400
ProductName : Bluetooth Software 4.0.1.3400
CompanyName : Broadcom Corporation.
FileDescription : Bluetooth Support Server
InternalName : BTWDIns
LegalCopyright : Copyright 2000-2006, Broadcom Corporation.
OriginalFilename : BTWDIns.EXE

#:21 [ehrecvr.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 660
ThreadCreationTime : 6-29-2007 3:14:43 AM
BasePriority : Above Normal
FileVersion : 5.1.2715.3011 (xpsp(wmbla).061009-1511)
ProductVersion : 5.1.2715.3011
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Receiver Service
InternalName : ehRecvr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehRecvr.exe

#:22 [ehsched.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 672
ThreadCreationTime : 6-29-2007 3:14:43 AM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Scheduler Service
InternalName : ehSched
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehSched.exe

#:23 [lssrvc.exe]
FilePath : C:\Program Files\Common Files\LightScribe\
ProcessID : 760
ThreadCreationTime : 6-29-2007 3:14:43 AM
BasePriority : Normal
FileVersion : 1.4.74.1
ProductName : LightScribe
CompanyName : Hewlett-Packard Company
LegalCopyright : © Copyright 2003-2006 Hewlett-Packard Development Company, LP
OriginalFilename : LSSrvc.exe

#:24 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 1252
ThreadCreationTime : 6-29-2007 3:14:46 AM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:25 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 1288
ThreadCreationTime : 6-29-2007 3:14:46 AM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:26 [richvideo.exe]
FilePath : C:\Program Files\CyberLink\Shared files\
ProcessID : 1680
ThreadCreationTime : 6-29-2007 3:14:46 AM
BasePriority : Normal
FileVersion : 1.1.0808
ProductVersion : 1.1.0808
ProductName : RichVideo Module
FileDescription : RichVideo Module
InternalName : RichVideo
LegalCopyright : Copyright 2004
OriginalFilename : RichVideo.EXE

#:27 [svcntaux.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 1908
ThreadCreationTime : 6-29-2007 3:14:46 AM
BasePriority : Normal
FileVersion : 5.0.0.23
ProductVersion : 5.0
CompanyName : PC Tools
LegalCopyright : Copyright © 2006 PC Tools. All rights reserved.

#:28 [swdsvc.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 2056
ThreadCreationTime : 6-29-2007 3:14:47 AM
BasePriority : Normal
FileVersion : 5.0.0.59
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Service
LegalCopyright : Copyright © 2006 PC Tools. All rights reserved.

#:29 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2136
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:30 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2188
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:31 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 2240
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 1, 8, 54, 419
ProductVersion : 1, 8, 54, 419
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:32 [mcrdsvc.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 2368
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 4.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 4.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : MCRD Device Service
InternalName : McrdSvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : McrdSvc.exe

#:33 [mqsvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2420
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Message Queuing Service
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows NT™ is a trademark of Microsoft Corporation
OriginalFilename : MQSVC.EXE

#:34 [hpqwmiex.exe]
FilePath : C:\Program Files\Hewlett-Packard\Shared\
ProcessID : 2464
ThreadCreationTime : 6-29-2007 3:14:48 AM
BasePriority : Normal
FileVersion : 2, 0, 1, 8
ProductVersion : 2, 0, 1, 8
ProductName : hpqwmiex Module
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : hpqwmiex Module
InternalName : hpqwmiex
LegalCopyright : © Copyright 2003-2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : hpqwmiex.EXE

#:35 [mqtgsvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2788
ThreadCreationTime : 6-29-2007 3:14:51 AM
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Windows NT MSMQ Trigger Service
LegalCopyright : Copyright © Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows NT™ is a trademark of Microsoft Corporation
OriginalFilename : QMTGSVC.EXE

#:36 [dllhost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3096
ThreadCreationTime : 6-29-2007 3:15:00 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : COM Surrogate
InternalName : dllhost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : dllhost.exe

#:37 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 3276
ThreadCreationTime : 6-29-2007 3:15:00 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:38 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3540
ThreadCreationTime : 6-29-2007 3:15:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:39 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2168
ThreadCreationTime : 6-29-2007 3:16:58 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:40 [ehtray.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 2888
ThreadCreationTime : 6-29-2007 3:17:14 AM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Tray Applet
InternalName : ehtray
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehtray.exe

#:41 [hp wireless assistant.exe]
FilePath : C:\Program Files\hpq\HP Wireless Assistant\
ProcessID : 3124
ThreadCreationTime : 6-29-2007 3:17:16 AM
BasePriority : Normal
FileVersion : 2, 0, 5, 1
ProductVersion : 2, 0, 5, 1
ProductName : HP Wireless Assistant
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : HP Wireless Assistant Module
InternalName : HP Wireless Assistant
LegalCopyright : © Copyright 2005, 2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : HP Wireless Assistant.exe

#:42 [ehmsas.exe]
FilePath : C:\WINDOWS\eHome\
ProcessID : 3140
ThreadCreationTime : 6-29-2007 3:17:16 AM
BasePriority : Normal
FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239)
ProductVersion : 5.1.2710.2732
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Media Status Aggregator Service
InternalName : eHMSAS
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehMSAS.exe

#:43 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1264
ThreadCreationTime : 6-29-2007 3:17:17 AM
BasePriority : Normal
FileVersion : 3.0.0.4543
ProductVersion : 7.0.0.4543
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:44 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3448
ThreadCreationTime : 6-29-2007 3:17:17 AM
BasePriority : Normal
FileVersion : 3.0.0.4543
ProductVersion : 7.0.0.4543
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:45 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 3748
ThreadCreationTime : 6-29-2007 3:17:20 AM
BasePriority : Normal
FileVersion : 8.2.16.4 03Mar06
ProductVersion : 8.2.16.4 03Mar06
ProductName : Synaptics Pointing Device Driver
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Synaptics Enhancements Application
LegalCopyright : Copyright © Synaptics, Inc. 1996-2006
OriginalFilename : SynTPEnh.exe

#:46 [qpservice.exe]
FilePath : C:\Program Files\HP\QuickPlay\
ProcessID : 3796
ThreadCreationTime : 6-29-2007 3:17:20 AM
BasePriority : Normal
FileVersion : 4.5.0.0000
ProductVersion : 4.5.0.0000
ProductName : HP QuickPlay
CompanyName : CyberLink Corp.
FileDescription : HP QuickPlay Resident Program
InternalName : HP QuickPlay Resident Program
LegalCopyright : Copyright © 2005 CyberLink Corp.
OriginalFilename : QPService.exe

#:47 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 796
ThreadCreationTime : 6-29-2007 3:17:22 AM
BasePriority : Normal
FileVersion : 4, 60, 100, 37068
ProductVersion : 4, 60
ProductName : InstallShield Update Service
CompanyName : Macrovision Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : issch.exe

#:48 [qlbctrl.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\
ProcessID : 3160
ThreadCreationTime : 6-29-2007 3:17:23 AM
BasePriority : Normal
FileVersion : 6, 0, 5, 1
ProductVersion : 6, 0, 5, 1
ProductName : HP Quick Launch Buttons
CompanyName : Hewlett-Packard Development Company, L.P.
FileDescription : QLB Controller
InternalName : QLBCTRL.exe
LegalCopyright : © Copyright 2006 Hewlett-Packard Development Company, L.P.
OriginalFilename : QLBCTRL.exe

#:49 [hpqtoa~1.exe]
FilePath : C:\PROGRA~1\HPQ\Shared\
ProcessID : 3616
ThreadCreationTime : 6-29-2007 3:17:23 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 7
ProductVersion : 1, 0, 0, 7
ProductName : HpqToaster Module
FileDescription : HpqToaster Module
InternalName : HpqToaster
LegalCopyright : Copyright 2005
OriginalFilename : HpqToaster.EXE

#:50 [vsnpstd2.exe]
FilePath : C:\WINDOWS\
ProcessID : 3260
ThreadCreationTime : 6-29-2007 3:17:27 AM
BasePriority : Normal
FileVersion : 1, 0, 1, 2
ProductVersion : 1, 0, 1, 2
ProductName : CameraMonitor Application
FileDescription : CameraMonitor MFC Application
InternalName : CameraMonitor
LegalCopyright : Copyright © 2002-2004
OriginalFilename : CameraMonitor.EXE

#:51 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 3760
ThreadCreationTime : 6-29-2007 3:17:30 AM
BasePriority : Normal
FileVersion : 7.1.0.59
ProductVersion : 7.1.0.59
ProductName : iTunes
CompanyName : Apple Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2007 Apple Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:52 [hpwuschd2.exe]
FilePath : C:\Program Files\Hp\HP Software Update\
ProcessID : 184
ThreadCreationTime : 6-29-2007 3:17:33 AM
BasePriority : Normal
FileVersion : 50.0.146.000
ProductVersion : 050.000.146.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:53 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 3628
ThreadCreationTime : 6-29-2007 3:17:35 AM
BasePriority : Normal
FileVersion : 103.0.9.2
ProductVersion : 103.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:54 [sdtrayapp.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 3732
ThreadCreationTime : 6-29-2007 3:17:36 AM
BasePriority : Normal
FileVersion : 5.0.0.38
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Tray
LegalCopyright : Copyright © 2007 PC Tools. All rights reserved.

#:55 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 2948
ThreadCreationTime : 6-29-2007 3:17:39 AM
BasePriority : Normal
FileVersion : 7.1.0.59
ProductVersion : 7.1.0.59
ProductName : iTunes
CompanyName : Apple Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2007 Apple Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:56 [aim6.exe]
FilePath : C:\Program Files\AIM6\
ProcessID : 832
ThreadCreationTime : 6-29-2007 3:17:40 AM
BasePriority : Normal
FileVersion : 1.4.9.1
ProductVersion : 1.4.9.1
ProductName : AOL Service Libraries
CompanyName : AOL LLC
FileDescription : AIM
InternalName : AOLSoftware
LegalCopyright : © 2007 AOL LLC.
OriginalFilename : AOLSoftware.exe

#:57 [bttray.exe]
FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\
ProcessID : 3824
ThreadCreationTime : 6-29-2007 3:17:48 AM
BasePriority : Normal
FileVersion : 4.0.1.3400
ProductVersion : 4.0.1.3400
ProductName : Bluetooth Software 4.0.1.3400
CompanyName : Broadcom Corporation.
FileDescription : Bluetooth Tray Application
InternalName : BTTray
LegalCopyright : Copyright 2000-2006, Broadcom Corporation.
OriginalFilename : BTTray.exe

#:58 [aolsoftware.exe]
FilePath : C:\Program Files\AIM6\
ProcessID : 3092
ThreadCreationTime : 6-29-2007 3:17:49 AM
BasePriority : Normal
FileVersion : 1.5.6.1
ProductVersion : 1.5.6.1
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOL
InternalName : AOLSoftware
LegalCopyright : © 2006 America Online, Inc.
OriginalFilename : AOLSoftware.exe

#:59 [hpqimzone.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 3592
ThreadCreationTime : 6-29-2007 3:18:01 AM
BasePriority : Normal


#:60 [maxthon.exe]
FilePath : C:\Program Files\Maxthon\
ProcessID : 6096
ThreadCreationTime : 6-29-2007 3:19:53 AM
BasePriority : Normal
FileVersion : 1, 6, 1, 22
ProductVersion : 1, 6, 1, 22
ProductName : Maxthon Application
CompanyName : Maxthon International Ltd.
FileDescription : Maxthon Web Browser
InternalName : Maxthon
LegalCopyright : Copyright © 2002
LegalTrademarks : Maxthon
OriginalFilename : Maxthon.EXE

#:61 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 4852
ThreadCreationTime : 6-29-2007 3:47:12 AM
BasePriority : Normal
FileVersion : 5.8.0.2607 built by: dnsrv(wmbla)
ProductVersion : 5.8.0.2607
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:62 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Professional\
ProcessID : 4440
ThreadCreationTime : 6-29-2007 3:49:47 AM
BasePriority : Normal
FileVersion : 6.2.0.238
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 7


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adbrite[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:chris thai@adbrite.com/
Expires : 6-27-2008 11:48:10 PM
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@statcounter.com/
Expires : 6-26-2012 11:50:14 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ads.pointroll[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:chris thai@ads.pointroll.com/
Expires : 12-31-2009 8:00:00 PM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:chris thai@fastclick.net/
Expires : 6-27-2009 11:34:18 PM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@atdmt.com/
Expires : 6-25-2012 8:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ad.yieldmanager[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:49
Value : Cookie:chris thai@ad.yieldmanager.com/
Expires : 6-27-2009 11:48:40 PM
LastSync : Hits:49
UseCount : 0
Hits : 49

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:34
Value : Cookie:chris thai@casalemedia.com/
Expires : 6-18-2008 7:28:28 PM
LastSync : Hits:34
UseCount : 0
Hits : 34

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@4.adbrite[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@4.adbrite.com/
Expires : 6-29-2007 11:46:46 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@tacoda[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:chris thai@tacoda.net/
Expires : 6-27-2008 11:20:20 PM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@kontera[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@kontera.com/
Expires : 6-27-2008 7:53:02 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:chris thai@tribalfusion.com/
Expires : 6-27-2008 11:34:46 PM
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:chris thai@advertising.com/
Expires : 6-26-2012 8:10:26 PM
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adrevolver[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@adrevolver.com/
Expires : 6-27-2008 1:09:44 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:chris thai@doubleclick.net/
Expires : 6-27-2010 7:55:32 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@insightexpressai[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chris thai@insightexpressai.com/
Expires : 6-28-2012 8:00:00 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adultfriendfinder[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:chris thai@adultfriendfinder.com/
Expires : 7-28-2007 11:20:42 PM
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@realmedia.com/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:chris thai@media.adrevolver.com/adrevolver/
Expires : 3-17-2010 5:18:34 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ads.infinite-ads[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:chris thai@ads.infinite-ads.com/
Expires : 6-25-2017 11:49:56 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@media.fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:chris thai@media.fastclick.net/
Expires : 6-29-2007 12:35:26 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@digitalpoint[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chris thai@digitalpoint.com/
Expires : 7-3-2007 11:35:44 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@247realmedia.com/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@ad.iconadserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@ad.iconadserver.com/
Expires : 7-12-2007 11:46:46 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@questionmarket.com/
Expires : 8-18-2008 12:12:14 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chris thai@zedo.com/
Expires : 6-25-2017 11:47:14 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@adserving.cpxinteractive[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:chris thai@adserving.cpxinteractive.com/
Expires : 7-12-2007 11:48:02 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : chris thai@specificclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:chris thai@specificclick.net/
Expires : 6-25-2017 11:48:50 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 27
Objects found so far: 34



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 34


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 34
11:54:41 PM Scan stopped by user

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:40.484
Objects scanned:114908
Objects identified:27
Objects ignored:0
New critical objects:27

#10 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 28 June 2007 - 11:22 PM

Hi Nerv4Eva,

I haven't used my computer since I last posted I just ran Ad-Aware and found 27 "tracking cookies"



Those were there because you did not delete them.
When you browse the Internet you get new cookies. They are not dangerous, so I would not worry about them.

This site tells you how to manage cookies:
http://www.allaboutcookies.org/manage-cookies/index.html

You can use CCleaner to clean off the cookies (see below).

Another option is to set you IE Browser to stop all cookies; however, some web sites will not work if you do this, as they require cookies.
Go to the 'Tools' menu
Click on 'Internet Options'
Click the 'Security' tab
Highlight the 'Internet' zone (selected by default)
Select security level 'High' for this zone
Click on 'OK'
Go into your cookies directory (usually c:\windows\cookies)
Delete all the files you have there
Once you delete these files, you will have no more cookies and your browser will no longer send or receive new cookies.



Download CCleaner and install it. (default location is best). Do not run it yet!

CCleaner Tutorial
*NOTE* CCleaner deletes EVERYTHING out of temp/temporary folders and does not make backups.

Let's empty the temp files:

Run CCleaner.

CAUTION: Please do NOT use the Issues button. This is a built-in registry cleaner. If you don't know how to use it, you may cause irreparable damage to your system.

1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbarfree Basic version instead of the Standard Build.


2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:
• Clean all entries in the "Internet Explorer" section including Cookies.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.

In the Applications Tab:
• Clean all including cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

If it asks you to reboot at the end, click NO.

CCleaner should be run with the above settings for each User Account!

Also, my internet is running a bit sluggish

.

All I can do here is to remove you malware. Slow internet questions belong on another forum. It is proabaly your Internet Provider.

Edited by SifuMike, 28 June 2007 - 11:25 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#11 Nerv4Eva

Nerv4Eva
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 29 June 2007 - 12:25 AM

Hmm, alright then. Thanks a bunch and sorry for the trouble--because it seems there was not real spyware issue at all.

Edited by Nerv4Eva, 29 June 2007 - 12:27 AM.


#12 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:03:19 PM

Posted 19 July 2007 - 06:06 PM

Since your problem appears to be resolved, this thread will now be closed. If you need this topic reopened, please contact me or a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users