Trouble accessing internet

View previous topic View next topic Go down

Trouble accessing internet

Post by angrydragon on Mon 16 Aug 2010, 9:12 am

Hi, GeekPolice. My friend is having trouble accessing the internet from his computer. Not sure what the problem is, but I think it may be some kind of virus. I transferred OTL to his computer with a jump drive and ran the scan:



OTL logfile created on: 8/15/2010 4:54:31 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\HP_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 25.00% Memory free
920.00 Mb Paging File | 612.00 Mb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.75 Gb Total Space | 4.72 Gb Free Space | 15.85% Space Free | Partition Type: NTFS
Drive D: | 7.50 Gb Total Space | 2.16 Gb Free Space | 28.77% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 249.00 Mb Total Space | 241.31 Mb Free Space | 96.91% Space Free | Partition Type: FAT32

Computer Name: JULZACMAT
Current User Name: HP_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
PRC - [2010/04/23 06:26:27 | 000,061,184 | ---- | M] () -- C:\WINDOWS\asam.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/23 03:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2008/03/03 18:26:50 | 001,215,664 | ---- | M] ((Gaming)2) -- C:\Program Files\GamingSquared\Gaming2\G2.exe
PRC - [2007/06/14 10:28:32 | 001,654,784 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/08 09:16:35 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/03/17 16:43:58 | 000,816,736 | ---- | M] (BOONTY) -- C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
PRC - [2005/09/10 15:03:23 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2005/09/10 13:56:44 | 000,036,972 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0\bin\jusched.exe
PRC - [2005/02/26 00:34:02 | 000,245,760 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe


========== Modules (SafeList) ==========

MOD - [2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
MOD - [2008/12/14 14:30:52 | 000,075,776 | ---- | M] () -- C:\WINDOWS\system32\mrvykvdl.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/05/19 07:59:41 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2005/09/10 15:03:18 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\HP_Owner\Local Settings\Temp\IadHide5.dll
MOD - [2004/08/04 07:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2007/08/14 17:25:22 | 000,131,192 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2007/08/14 17:25:22 | 000,032,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2007/08/14 17:25:20 | 000,039,472 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2005/05/25 18:18:42 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/05/25 17:53:04 | 000,245,760 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/04/20 13:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/03/09 20:09:18 | 000,870,912 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/12/15 17:18:32 | 000,220,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 17:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 17:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/03/05 17:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 17:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/07/11 17:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\w, = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {BE0027FB-31FF-4661-82BC-83ADCEF28F0F} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

FF - HKLM\software\mozilla\Firefox\Extensions\\Seekmo@Seekmo.com: C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions [2008/06/15 10:20:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\G2_v1042@gamingsquared.com: C:\Program Files\GamingSquared\Gaming2\FF_v1042 [2008/05/09 16:12:43 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/09/30 07:04:16 | 000,000,152 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.226 winshield2009.microsoft.com
O1 - Hosts: 91.212.127.226 winshield2009.com
O1 - Hosts: 91.212.127.226 [You must be registered and logged in to see this link.]
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {22E1EFF7-D8DD-4bbc-9CE8-87EDBE8C1A40} - No CLSID value found.
O2 - BHO: (no name) - {46D7049A-9DB9-4AEC-82B1-F101B9367CB1} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {8c1aa28f-4b43-4959-b37a-78f8ba415d6d} - C:\WINDOWS\system32\qcdzjp.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B183732D-C236-4DA2-804C-96FD00F8645E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Freeze.com Toolbar) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\Freeze.com Toolbar\freeze_us.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Freeze.com Toolbar) - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\Freeze.com Toolbar\freeze_us.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [6c97f32a] C:\WINDOWS\System32\mrvykvdl.DLL ()
O4 - HKLM..\Run: [ahmnwrbk] C:\Documents and Settings\HP_Owner\Local Settings\Application Data\qlceoccyq\opheuvitssd.exe ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [asam] C:\WINDOWS\asam.exe ()
O4 - HKLM..\Run: [C:\WINDOWS\system32\kdmob.exe] C:\WINDOWS\System32\kdmob.exe File not found
O4 - HKLM..\Run: [G2] C:\Program Files\GamingSquared\Gaming2\G2.exe ((Gaming)2)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [pvrevqea] C:\Documents and Settings\HP_Owner\Local Settings\Application Data\dlwosggiw\pxpxlhptssd.exe ()
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ahmnwrbk] C:\Documents and Settings\HP_Owner\Local Settings\Application Data\qlceoccyq\opheuvitssd.exe ()
O4 - HKCU..\Run: [asam] C:\WINDOWS\asam.exe ()
O4 - HKCU..\Run: [pvrevqea] C:\Documents and Settings\HP_Owner\Local Settings\Application Data\dlwosggiw\pxpxlhptssd.exe ()
O4 - HKCU..\Run: [SaveKeep] C:\Program Files\SaveKeep Software\SaveKeep\SaveKeep.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\BoontyBox Play Toad.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe (BOONTY)
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\HP Organize.lnk = C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: smile = C:\Program Files\Applications\wcs.exe File not found
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - File not found
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\lsp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\lsp.dll ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} [You must be registered and logged in to see this link.] (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} [You must be registered and logged in to see this link.] (Toontown Installer ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (kdmob.exe) - File not found
O20 - Winlogon\Notify\geBuTnMD: DllName - geBuTnMD.dll - File not found
O22 - SharedTaskScheduler: {fb357e54-83f1-4a3c-80a2-319201ed6c17} - bisque - C:\WINDOWS\system32\obicx.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {46D7049A-9DB9-4AEC-82B1-F101B9367CB1} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\fccaWPIC) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/25 00:32:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/18 18:46:37 | 000,000,103 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2008/10/18 18:46:38 | 000,000,103 | RHS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell - "" = AutoRun
O33 - MountPoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2fb0e9fc-f728-11db-99ec-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{2fb0e9fc-f728-11db-99ec-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2fb0e9fc-f728-11db-99ec-806d6172696f}\Shell\Open\command - "" = D:\resycled\boot.com -- [2008/10/18 17:09:24 | 000,029,696 | RHS- | M] ()
O33 - MountPoints2\{2fb0e9fd-f728-11db-99ec-806d6172696f}\Shell - "" = Autorun
O33 - MountPoints2\{2fb0e9fd-f728-11db-99ec-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2fb0e9fd-f728-11db-99ec-806d6172696f}\Shell\Open\command - "" = C:\resycled\boot.com -- [2008/10/18 17:09:23 | 000,029,696 | RHS- | M] ()
O33 - MountPoints2\{a3685a20-9612-11dc-9a14-0013d4b8ac2a}\Shell - "" = AutoRun
O33 - MountPoints2\{a3685a20-9612-11dc-9a14-0013d4b8ac2a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a3685a20-9612-11dc-9a14-0013d4b8ac2a}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/15 16:54:19 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
[2010/08/15 16:52:23 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/08/15 16:51:37 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/08/02 23:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\MSNInstaller
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/15 16:53:49 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/08/15 16:53:47 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/15 16:53:43 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\HP_Owner\NTUSER.DAT
[2010/08/15 16:50:33 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/15 16:50:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/15 16:50:28 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/15 15:35:17 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\HP_Owner\ntuser.ini
[2010/08/15 15:35:00 | 006,954,710 | -H-- | M] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\IconCache.db
[2010/08/15 15:26:36 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/08/15 15:21:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
[2010/08/02 23:08:46 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/08/02 22:28:21 | 002,087,834 | -HS- | M] () -- C:\WINDOWS\System32\ldvkyvrm.ini
[2010/08/02 22:27:24 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1CCCF97-1D47-4E2C-96D3-D421FD577380}.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/17 11:00:07 | 000,013,340 | ---- | C] () -- C:\WINDOWS\5469t5zj49d.dll
[2009/12/16 23:46:37 | 000,011,199 | ---- | C] () -- C:\WINDOWS\az39ownloader605.dll
[2009/12/08 23:10:17 | 000,010,697 | ---- | C] () -- C:\WINDOWS\28b5down9oader175z5.dll
[2009/11/21 00:35:39 | 000,006,847 | ---- | C] () -- C:\WINDOWS\20549viru91z3.dll
[2009/11/16 03:00:11 | 000,007,371 | ---- | C] () -- C:\WINDOWS\System32\ze5fsteal9155.dll
[2009/11/07 11:28:59 | 000,016,227 | ---- | C] () -- C:\WINDOWS\System32\55bdvir3z79.dll
[2009/11/06 07:38:19 | 000,017,249 | ---- | C] () -- C:\WINDOWS\2753359zus7a3.dll
[2009/10/24 05:36:07 | 000,005,214 | ---- | C] () -- C:\WINDOWS\System32\19859hacktzol559.dll
[2009/10/21 19:16:42 | 000,002,925 | ---- | C] () -- C:\WINDOWS\System32\5f79bzckdoo51620.dll
[2009/10/19 10:54:08 | 000,005,863 | ---- | C] () -- C:\WINDOWS\System32\17997not5z-vi9us7ee.dll
[2009/10/18 19:37:27 | 000,008,540 | ---- | C] () -- C:\WINDOWS\System32\10994worm5z55.dll
[2009/10/16 12:24:05 | 000,014,175 | ---- | C] () -- C:\WINDOWS\9a07threat5z3.dll
[2009/10/13 13:17:09 | 000,017,587 | ---- | C] () -- C:\WINDOWS\System32\255z0troj519.dll
[2009/10/09 23:14:35 | 000,010,070 | ---- | C] () -- C:\WINDOWS\12459azk5oor294.dll
[2009/09/29 12:33:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\lsp.dll
[2009/09/29 12:32:49 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\iehelper.dll.vir
[2009/09/23 00:45:30 | 000,006,874 | ---- | C] () -- C:\WINDOWS\System32\1e50vir259z.dll
[2009/09/18 18:40:33 | 000,008,169 | ---- | C] () -- C:\WINDOWS\System32\35d0th9efz599.dll
[2009/09/17 22:39:07 | 000,013,748 | ---- | C] () -- C:\WINDOWS\System32\279z5y9e4.dll
[2009/09/07 09:43:29 | 000,005,804 | ---- | C] () -- C:\WINDOWS\3955viru972z.dll
[2009/08/19 13:19:17 | 000,002,955 | ---- | C] () -- C:\WINDOWS\58z8virus1879.dll
[2009/08/19 12:37:17 | 000,004,460 | ---- | C] () -- C:\WINDOWS\58c9thi5z3274.dll
[2009/08/16 10:17:07 | 000,015,875 | ---- | C] () -- C:\WINDOWS\9z6fth5ef1917.dll
[2009/08/16 10:17:06 | 000,017,269 | ---- | C] () -- C:\WINDOWS\2a88s5zal29419.dll
[2009/08/16 10:17:06 | 000,016,567 | ---- | C] () -- C:\WINDOWS\System32\54685ackt9ol4ez.dll
[2009/08/16 10:17:05 | 000,014,559 | ---- | C] () -- C:\WINDOWS\316bv5rz896.dll
[2009/08/16 10:17:05 | 000,003,423 | ---- | C] () -- C:\WINDOWS\System32\98250sp5mbzt25f.dll
[2009/08/16 10:17:03 | 000,008,307 | ---- | C] () -- C:\WINDOWS\System32\5c1zth5eat6569.dll
[2009/08/16 10:17:02 | 000,014,506 | ---- | C] () -- C:\WINDOWS\System32\12075tr9555az.dll
[2009/08/16 10:16:58 | 000,006,326 | ---- | C] () -- C:\WINDOWS\3900threzt934005.dll
[2009/08/16 10:16:53 | 000,004,965 | ---- | C] () -- C:\WINDOWS\261z3spambot935.dll
[2009/08/16 10:16:53 | 000,004,008 | ---- | C] () -- C:\WINDOWS\System32\9581z9y3be.dll
[2009/08/16 10:16:51 | 000,013,373 | ---- | C] () -- C:\WINDOWS\System32\5685spa9sez806.dll
[2009/08/16 10:16:51 | 000,003,464 | ---- | C] () -- C:\WINDOWS\1c249ir5z5.dll
[2009/08/16 10:16:50 | 000,014,913 | ---- | C] () -- C:\WINDOWS\3516spy9arz2746.dll
[2009/08/16 10:16:50 | 000,007,223 | ---- | C] () -- C:\WINDOWS\3459zir1951.dll
[2009/08/16 10:16:49 | 000,003,047 | ---- | C] () -- C:\WINDOWS\System32\717zad5ware2192.dll
[2009/08/16 10:16:48 | 000,004,239 | ---- | C] () -- C:\WINDOWS\System32\796av5r203z.dll
[2009/08/16 10:16:47 | 000,015,828 | ---- | C] () -- C:\WINDOWS\System32\25537worz97f.dll
[2009/08/16 10:16:47 | 000,006,948 | ---- | C] () -- C:\WINDOWS\96z2thief5785.dll
[2009/08/16 10:16:47 | 000,004,772 | ---- | C] () -- C:\WINDOWS\25385wor955z.dll
[2009/08/16 10:16:46 | 000,003,004 | ---- | C] () -- C:\WINDOWS\1469worz45a.dll
[2009/08/16 10:16:46 | 000,002,893 | ---- | C] () -- C:\WINDOWS\System32\z2553s9y36.dll
[2009/08/16 10:16:44 | 000,006,966 | ---- | C] () -- C:\WINDOWS\System32\6zd5th59at27088.dll
[2009/08/16 10:16:44 | 000,005,160 | ---- | C] () -- C:\WINDOWS\System32\10073s9ambo5z5b.dll
[2009/08/16 10:16:43 | 000,009,043 | ---- | C] () -- C:\WINDOWS\659zt95j130.dll
[2009/08/16 10:16:42 | 000,013,249 | ---- | C] () -- C:\WINDOWS\System32\2z3t9reat1885.dll
[2009/08/16 10:16:42 | 000,002,945 | ---- | C] () -- C:\WINDOWS\System32\24c9addz5re292.dll
[2009/08/14 21:54:56 | 000,009,203 | ---- | C] () -- C:\WINDOWS\System32\b7ezac9doo51406.dll
[2009/08/13 00:25:42 | 000,017,982 | ---- | C] () -- C:\WINDOWS\28704worm5z9.dll
[2009/08/11 07:30:57 | 000,011,900 | ---- | C] () -- C:\WINDOWS\27438vzrus50c9.dll
[2009/08/07 01:38:09 | 000,017,847 | ---- | C] () -- C:\WINDOWS\990a9zw5re257.dll
[2009/07/05 08:32:33 | 000,012,066 | ---- | C] () -- C:\WINDOWS\95c0addware1375z.dll
[2009/07/04 02:27:18 | 000,015,805 | ---- | C] () -- C:\WINDOWS\18059vzrus155.dll
[2009/07/01 00:35:12 | 000,003,956 | ---- | C] () -- C:\WINDOWS\System32\9f0v5z2223.dll
[2009/06/24 11:50:03 | 000,015,291 | ---- | C] () -- C:\WINDOWS\535spaz9o54db.dll
[2009/06/17 02:15:20 | 000,010,158 | ---- | C] () -- C:\WINDOWS\System32\de0thrzat7952.dll
[2009/06/03 12:39:32 | 000,010,064 | ---- | C] () -- C:\WINDOWS\7982vz5us6a.dll
[2009/05/10 17:45:43 | 000,009,866 | ---- | C] () -- C:\WINDOWS\System32\995spywarez250.dll
[2009/05/01 22:53:08 | 000,002,763 | ---- | C] () -- C:\WINDOWS\System32\5zf4spars9854.dll
[2009/04/28 06:10:39 | 000,009,615 | ---- | C] () -- C:\WINDOWS\1f9aspywaz52443.dll
[2009/04/23 06:05:35 | 000,004,147 | ---- | C] () -- C:\WINDOWS\308z75pambot5c89.dll
[2009/04/22 06:08:47 | 000,014,196 | ---- | C] () -- C:\WINDOWS\6629z5r751.dll
[2009/04/11 22:56:47 | 000,014,914 | ---- | C] () -- C:\WINDOWS\System32\543z5spy419.dll
[2009/04/09 12:14:27 | 000,007,598 | ---- | C] () -- C:\WINDOWS\System32\218849irus3z5.dll
[2009/04/06 16:13:39 | 000,011,053 | ---- | C] () -- C:\WINDOWS\System32\3455steal20z09.dll
[2009/04/04 18:30:32 | 000,006,180 | ---- | C] () -- C:\WINDOWS\7z5aba9k5oor1563.dll
[2009/03/21 23:39:21 | 000,009,248 | ---- | C] () -- C:\WINDOWS\System32\5cfbstzal9285.dll
[2009/03/21 00:26:25 | 000,017,776 | ---- | C] () -- C:\WINDOWS\System32\22783zacktoo52519.dll
[2009/03/15 12:33:50 | 000,004,690 | ---- | C] () -- C:\WINDOWS\z147ad5ware29559.dll
[2009/03/04 12:13:04 | 000,012,184 | ---- | C] () -- C:\WINDOWS\System32\9809h5ckt9oz6bf.dll
[2009/03/03 04:54:14 | 000,006,442 | ---- | C] () -- C:\WINDOWS\System32\1f92b9ckd5or3z49.dll
[2009/03/02 01:57:03 | 000,012,710 | ---- | C] () -- C:\WINDOWS\System32\256z69pambot335.dll
[2009/02/27 01:25:19 | 000,004,496 | ---- | C] () -- C:\WINDOWS\4155threat2z99.dll
[2009/02/26 13:19:57 | 000,003,721 | ---- | C] () -- C:\WINDOWS\95267hackzool40a.dll
[2009/02/15 07:18:38 | 000,003,895 | ---- | C] () -- C:\WINDOWS\23195rzat15474.dll
[2009/02/12 07:16:41 | 000,016,063 | ---- | C] () -- C:\WINDOWS\System32\2f5adoznloa9e5779.dll
[2009/02/09 06:32:58 | 000,017,926 | ---- | C] () -- C:\WINDOWS\295zdownloader985.dll
[2009/02/06 14:16:55 | 000,008,513 | ---- | C] () -- C:\WINDOWS\System32\95539vzrus230.dll
[2009/02/02 00:49:33 | 000,012,167 | ---- | C] () -- C:\WINDOWS\71355teaz9304.dll
[2009/01/27 08:02:21 | 000,012,093 | ---- | C] () -- C:\WINDOWS\System32\4990hz5kt9ol4e5.dll
[2009/01/12 08:03:13 | 000,015,955 | ---- | C] () -- C:\WINDOWS\zb9evi95428.dll
[2009/01/09 20:14:21 | 000,005,745 | ---- | C] () -- C:\WINDOWS\System32\4f58spywa9ez189.dll
[2009/01/07 04:02:15 | 000,009,700 | ---- | C] () -- C:\WINDOWS\9c135tezl1487.dll
[2008/12/28 15:38:47 | 000,009,984 | ---- | C] () -- C:\WINDOWS\System32\20430hack95olz21.dll
[2008/12/26 14:16:24 | 000,004,250 | ---- | C] () -- C:\WINDOWS\7z26tr5j794.dll
[2008/12/15 22:06:06 | 000,008,124 | ---- | C] () -- C:\WINDOWS\17595not-a-vzrus79a.dll
[2008/12/14 14:30:56 | 002,087,834 | -HS- | C] () -- C:\WINDOWS\System32\ldvkyvrm.ini
[2008/12/14 14:30:50 | 000,075,776 | ---- | C] () -- C:\WINDOWS\System32\mrvykvdl.dll
[2008/12/13 12:16:10 | 001,647,120 | -HS- | C] () -- C:\WINDOWS\System32\dggbbrfi.ini
[2008/12/11 11:39:19 | 001,697,880 | -HS- | C] () -- C:\WINDOWS\System32\gqqoaqus.ini
[2008/12/11 05:23:15 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\77e5z9ief521.dll
[2008/12/10 11:33:44 | 001,697,880 | -HS- | C] () -- C:\WINDOWS\System32\rvibpnia.ini
[2008/12/08 19:04:11 | 001,620,759 | -HS- | C] () -- C:\WINDOWS\System32\tnpcgdjf.ini
[2008/12/07 09:48:21 | 001,598,743 | -HS- | C] () -- C:\WINDOWS\System32\xweavbbd.ini
[2008/12/06 08:32:48 | 001,479,822 | -HS- | C] () -- C:\WINDOWS\System32\ukflwuon.ini
[2008/12/05 17:49:06 | 001,479,822 | -HS- | C] () -- C:\WINDOWS\System32\jakipyfw.ini
[2008/12/04 20:01:54 | 000,015,066 | ---- | C] () -- C:\WINDOWS\203z45roj398.dll
[2008/12/04 17:50:02 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\tkzyuy.dll
[2008/12/04 17:49:56 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\tiiaukdh.dll
[2008/12/04 17:48:29 | 001,481,727 | -HS- | C] () -- C:\WINDOWS\System32\mnhtfura.ini
[2008/12/02 18:43:09 | 001,413,378 | -HS- | C] () -- C:\WINDOWS\System32\wvcftbgm.ini
[2008/12/01 08:29:54 | 001,413,378 | -HS- | C] () -- C:\WINDOWS\System32\mvnitqyj.ini
[2008/11/30 15:39:03 | 001,342,962 | -HS- | C] () -- C:\WINDOWS\System32\guqanoug.ini
[2008/11/29 15:38:26 | 001,342,962 | -HS- | C] () -- C:\WINDOWS\System32\jctfxuox.ini
[2008/11/28 19:09:49 | 001,342,962 | -HS- | C] () -- C:\WINDOWS\System32\ukjevrai.ini
[2008/11/27 19:07:26 | 001,648,525 | -HS- | C] () -- C:\WINDOWS\System32\cofdjcoo.ini
[2008/11/26 08:56:49 | 001,648,516 | -HS- | C] () -- C:\WINDOWS\System32\ifcybwqe.ini
[2008/11/25 08:55:53 | 001,653,551 | -HS- | C] () -- C:\WINDOWS\System32\rfgeskhi.ini
[2008/11/24 08:51:29 | 001,653,542 | -HS- | C] () -- C:\WINDOWS\System32\ummywhmv.ini
[2008/11/23 08:38:04 | 001,641,321 | -HS- | C] () -- C:\WINDOWS\System32\glwiksbx.ini
[2008/11/23 04:51:20 | 000,003,344 | ---- | C] () -- C:\WINDOWS\System32\bb9downlzader595.dll
[2008/11/21 18:08:25 | 001,641,321 | -HS- | C] () -- C:\WINDOWS\System32\cpmrhawe.ini
[2008/11/21 12:13:03 | 000,007,960 | ---- | C] () -- C:\WINDOWS\System32\69b1addwz9e5515.dll
[2008/11/19 17:38:16 | 001,496,349 | -HS- | C] () -- C:\WINDOWS\System32\oxskduyd.ini
[2008/11/17 15:42:05 | 001,583,301 | -HS- | C] () -- C:\WINDOWS\System32\weebbgga.ini
[2008/11/16 15:45:28 | 001,566,243 | -HS- | C] () -- C:\WINDOWS\System32\vvoxybai.ini
[2008/11/15 15:42:28 | 001,566,197 | -HS- | C] () -- C:\WINDOWS\System32\xviftgrk.ini
[2008/11/13 17:47:28 | 001,566,205 | -HS- | C] () -- C:\WINDOWS\System32\bmatgrmw.ini
[2008/11/12 17:44:18 | 001,605,958 | -HS- | C] () -- C:\WINDOWS\System32\fqbqdwti.ini
[2008/11/12 17:44:13 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\itwdqbqf.dll
[2008/11/11 17:46:35 | 001,579,125 | -HS- | C] () -- C:\WINDOWS\System32\ubrlpivw.ini
[2008/11/08 22:46:33 | 001,932,262 | -HS- | C] () -- C:\WINDOWS\System32\aohsoova.ini
[2008/11/08 22:46:31 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\avooshoa.dll
[2008/11/08 22:43:37 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\kmkdkt.dll
[2008/11/08 22:43:33 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\xlvsqovt.dll
[2008/11/07 22:42:04 | 001,932,262 | -HS- | C] () -- C:\WINDOWS\System32\iqugtrnd.ini
[2008/11/06 22:42:53 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\fkjdqy.dll
[2008/11/06 22:42:49 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\cjhaxvbr.dll
[2008/11/06 22:41:08 | 001,932,253 | -HS- | C] () -- C:\WINDOWS\System32\admbbxhb.ini
[2008/11/06 17:25:13 | 001,928,790 | -HS- | C] () -- C:\WINDOWS\System32\pfnvxklg.ini
[2008/11/06 17:25:07 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\glkxvnfp.dll
[2008/11/06 17:22:11 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\gduabn.dll
[2008/11/06 17:22:07 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\clhkwgtl.dll
[2008/11/05 17:23:49 | 001,916,641 | -HS- | C] () -- C:\WINDOWS\System32\jgdbmtrh.ini
[2008/11/05 17:22:00 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\drfipn.dll
[2008/11/05 17:21:47 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\bcfaskxf.dll
[2008/11/04 08:06:27 | 001,902,306 | -HS- | C] () -- C:\WINDOWS\System32\cmchvsng.ini
[2008/11/04 08:03:27 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\tjoanl.dll
[2008/11/04 08:03:24 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\xyrgdqmi.dll
[2008/11/02 11:13:44 | 001,489,921 | -HS- | C] () -- C:\WINDOWS\System32\shixtwlc.ini
[2008/10/31 21:23:52 | 001,489,903 | -HS- | C] () -- C:\WINDOWS\System32\cxhxvtlm.ini
[2008/10/30 12:09:01 | 001,489,690 | -HS- | C] () -- C:\WINDOWS\System32\rokiojoi.ini
[2008/10/30 12:08:55 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\iojoikor.dll
[2008/10/30 12:06:55 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\sntfxg.dll
[2008/10/30 12:06:52 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\oqiuoufl.dll
[2008/10/28 18:59:53 | 001,049,539 | -HS- | C] () -- C:\WINDOWS\System32\iwqbfuta.ini
[2008/10/27 18:47:05 | 001,049,485 | -HS- | C] () -- C:\WINDOWS\System32\xuheaint.ini
[2008/10/27 18:38:03 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\cljizq.dll
[2008/10/27 18:37:59 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\tfqaltey.dll
[2008/10/26 18:40:46 | 001,425,869 | -HS- | C] () -- C:\WINDOWS\System32\cfmcheme.ini
[2008/10/26 18:40:44 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\emehcmfc.dll
[2008/10/25 18:41:11 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\pssody.dll
[2008/10/25 18:41:08 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\lkcxmcwu.dll
[2008/10/25 18:37:30 | 001,425,851 | -HS- | C] () -- C:\WINDOWS\System32\pvtiimks.ini
[2008/10/25 10:47:20 | 000,006,751 | ---- | C] () -- C:\WINDOWS\35d7b9ckzoor919.dll
[2008/10/24 11:23:11 | 001,428,865 | -HS- | C] () -- C:\WINDOWS\System32\yxvxslcc.ini
[2008/10/24 04:54:43 | 000,013,775 | ---- | C] () -- C:\WINDOWS\System32\59e5szeal910.dll
[2008/10/23 11:21:52 | 000,113,664 | ---- | C] () -- C:\WINDOWS\System32\llrgbm.dll
[2008/10/23 11:21:47 | 000,113,664 | ---- | C] () -- C:\WINDOWS\System32\pdqkaqsm.dll
[2008/10/23 11:20:50 | 001,428,865 | -HS- | C] () -- C:\WINDOWS\System32\gyebmdww.ini
[2008/10/21 07:01:36 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\xkvmlm.dll
[2008/10/21 07:01:32 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\shexarrj.dll
[2008/10/21 07:00:10 | 001,405,367 | -HS- | C] () -- C:\WINDOWS\System32\aoagijfl.ini
[2008/10/19 19:08:10 | 001,355,637 | -HS- | C] () -- C:\WINDOWS\System32\crhnssmw.ini
[2008/10/19 19:03:35 | 000,055,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSSserv.sys
[2008/10/19 18:22:51 | 001,355,610 | -HS- | C] () -- C:\WINDOWS\System32\uxpvqltk.ini
[2008/10/18 18:21:08 | 001,355,610 | -HS- | C] () -- C:\WINDOWS\System32\kurnaibo.ini
[2008/10/18 17:17:26 | 001,355,637 | -HS- | C] () -- C:\WINDOWS\System32\twxlsged.ini
[2008/10/18 17:15:02 | 000,000,831 | -HS- | C] () -- C:\WINDOWS\System32\CIPWaccf.ini2
[2008/10/18 17:15:00 | 000,000,831 | -HS- | C] () -- C:\WINDOWS\System32\CIPWaccf.ini
[2008/10/16 21:44:30 | 000,013,564 | ---- | C] () -- C:\WINDOWS\z5aaaddware3089.dll
[2008/10/14 08:45:54 | 000,012,050 | ---- | C] () -- C:\WINDOWS\80z9py1a5.dll
[2008/10/14 06:41:33 | 000,013,528 | ---- | C] () -- C:\WINDOWS\System32\9bbb5hiefz00.dll
[2008/10/12 17:32:15 | 000,011,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\UimFIO.sys
[2008/10/12 17:32:11 | 000,247,560 | ---- | C] () -- C:\WINDOWS\System32\prgiso.dll
[2008/10/12 17:32:10 | 004,244,744 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll
[2008/10/12 17:32:10 | 000,013,576 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2008/10/12 14:41:44 | 000,015,037 | ---- | C] () -- C:\WINDOWS\System32\1701zs9y3c5.dll
[2008/09/25 10:45:32 | 000,015,110 | ---- | C] () -- C:\WINDOWS\System32\11z75i91763.dll
[2008/09/21 16:44:45 | 000,010,607 | ---- | C] () -- C:\WINDOWS\7624azdwa9e435.dll
[2008/09/20 01:13:29 | 000,016,880 | ---- | C] () -- C:\WINDOWS\69c75zdware17039.dll
[2008/09/19 21:40:01 | 000,004,154 | ---- | C] () -- C:\WINDOWS\System32\1115threzt21359.dll
[2008/09/07 17:58:16 | 000,010,724 | ---- | C] () -- C:\WINDOWS\System32\139475roj239z.dll
[2008/09/06 01:32:39 | 000,010,956 | ---- | C] () -- C:\WINDOWS\1a5e9pzrse637.dll
[2008/08/05 17:04:20 | 000,017,116 | ---- | C] () -- C:\WINDOWS\System32\9457hack9ool7edz.dll
[2008/08/02 09:00:13 | 000,013,744 | ---- | C] () -- C:\WINDOWS\System32\24585s9z645.dll
[2008/08/01 21:40:35 | 000,012,117 | ---- | C] () -- C:\WINDOWS\1z095troj4ea.dll
[2008/08/01 11:20:11 | 000,007,624 | ---- | C] () -- C:\WINDOWS\3z1845py4369.dll
[2008/07/25 09:37:09 | 000,012,595 | ---- | C] () -- C:\WINDOWS\12095zroj6bc9.dll
[2008/07/22 18:08:44 | 000,015,310 | ---- | C] () -- C:\WINDOWS\System32\58aezackdoor18495.dll
[2008/07/09 13:59:51 | 000,015,377 | ---- | C] () -- C:\WINDOWS\19z16spambo5789.dll
[2008/07/08 07:15:23 | 000,011,874 | ---- | C] () -- C:\WINDOWS\24899woz56fc.dll
[2008/07/07 08:07:03 | 000,014,788 | ---- | C] () -- C:\WINDOWS\System32\569bth9zf5099.dll
[2008/06/25 09:40:46 | 000,016,001 | ---- | C] () -- C:\WINDOWS\156cspa9sez445.dll
[2008/06/22 20:22:11 | 000,011,006 | ---- | C] () -- C:\WINDOWS\System32\3932szy512.dll
[2008/06/20 04:22:01 | 000,014,007 | ---- | C] () -- C:\WINDOWS\21151wo9zb4.dll
[2008/06/09 00:21:08 | 000,016,515 | ---- | C] () -- C:\WINDOWS\System32\4f15spywa9e26z7.dll
[2008/05/23 14:16:28 | 000,004,593 | ---- | C] () -- C:\WINDOWS\75dzad5w9re1409.dll
[2008/05/16 04:18:56 | 000,016,232 | ---- | C] () -- C:\WINDOWS\System32\2765spa9se2z82.dll
[2008/05/11 05:06:12 | 000,009,080 | ---- | C] () -- C:\WINDOWS\3435sz92f.dll
[2008/05/10 07:09:10 | 000,005,074 | ---- | C] () -- C:\WINDOWS\System32\1z929s5ambot2ec.dll
[2008/05/04 22:40:32 | 000,015,521 | ---- | C] () -- C:\WINDOWS\5759zorm1f9.dll
[2008/05/02 10:31:37 | 000,002,628 | ---- | C] () -- C:\WINDOWS\2055n9t-a-v5zus5de.dll
[2008/04/27 17:32:48 | 000,013,202 | ---- | C] () -- C:\WINDOWS\System32\199not-a-z5rus6149.dll
[2008/04/17 21:11:45 | 000,013,372 | ---- | C] () -- C:\WINDOWS\73fct5ze9t22043.dll
[2008/04/12 23:39:31 | 000,016,262 | ---- | C] () -- C:\WINDOWS\619daddwa5ez368.dll
[2008/04/11 15:41:40 | 000,013,738 | ---- | C] () -- C:\WINDOWS\System32\7a9av9z975.dll
[2008/03/21 10:39:01 | 000,015,679 | ---- | C] () -- C:\WINDOWS\18059szy316.dll
[2008/03/20 08:41:21 | 000,014,274 | ---- | C] () -- C:\WINDOWS\System32\7d96z59ef2227.dll
[2008/03/14 20:07:45 | 000,014,817 | ---- | C] () -- C:\WINDOWS\25999vi5us2c3z.dll
[2008/03/07 23:44:10 | 000,002,581 | ---- | C] () -- C:\WINDOWS\2494zteal1795.dll
[2008/03/06 09:21:46 | 000,011,599 | ---- | C] () -- C:\WINDOWS\System32\8459rzj525.dll
[2008/03/04 13:45:09 | 000,016,428 | ---- | C] () -- C:\WINDOWS\System32\7be1spz9are2753.dll
[2008/03/02 08:00:59 | 000,007,623 | ---- | C] () -- C:\WINDOWS\System32\1b509ddware95z.dll
[2008/02/27 17:13:18 | 000,015,833 | ---- | C] () -- C:\WINDOWS\System32\59ezspa5se2279.dll
[2008/02/19 06:09:20 | 000,015,701 | ---- | C] () -- C:\WINDOWS\System32\28245h5ckt9ol4zd.dll
[2008/02/16 15:51:04 | 000,011,632 | ---- | C] () -- C:\WINDOWS\System32\5079zvirus5bf.dll
[2008/02/16 10:02:05 | 000,004,689 | ---- | C] () -- C:\WINDOWS\System32\e4bspyzare995.dll
[2008/02/15 02:34:08 | 000,003,524 | ---- | C] () -- C:\WINDOWS\System32\26616w5rz979.dll
[2008/02/14 19:10:01 | 000,013,779 | ---- | C] () -- C:\WINDOWS\125z6spy2739.dll
[2008/02/13 18:26:03 | 000,016,611 | ---- | C] () -- C:\WINDOWS\797avzr2568.dll
[2008/02/13 15:05:10 | 000,012,691 | ---- | C] () -- C:\WINDOWS\2991zvi5us9c.dll
[2008/02/08 19:04:05 | 000,014,281 | ---- | C] () -- C:\WINDOWS\System32\5119sparsez50.dll
[2008/02/06 22:58:23 | 000,003,484 | ---- | C] () -- C:\WINDOWS\1687zsp9596.dll
[2008/01/25 04:17:17 | 000,008,835 | ---- | C] () -- C:\WINDOWS\System32\94817zr5j1e2.dll
[2008/01/13 20:43:32 | 000,007,223 | ---- | C] () -- C:\WINDOWS\System32\6ff6sparsz32559.dll
[2008/01/12 05:41:13 | 000,016,415 | ---- | C] () -- C:\WINDOWS\z4159virusc95.dll
[2008/01/09 18:09:28 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/01/09 11:54:52 | 000,017,601 | ---- | C] () -- C:\WINDOWS\59005spamzot17e.dll
[2008/01/02 00:17:13 | 000,005,561 | ---- | C] () -- C:\WINDOWS\System32\5967zworm3f1.dll
[2007/04/15 12:22:36 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/04/15 12:22:23 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/02/17 04:11:59 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/02/16 04:13:35 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/01/18 16:58:08 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/07/02 10:58:44 | 000,026,880 | ---- | C] () -- C:\WINDOWS\Pynix.dll
[2006/07/02 10:58:44 | 000,025,088 | ---- | C] () -- C:\WINDOWS\dlmax.dll
[2006/07/02 10:58:43 | 000,029,696 | ---- | C] () -- C:\WINDOWS\BTGrab.dll
[2006/07/02 10:58:43 | 000,010,240 | ---- | C] () -- C:\WINDOWS\ZServ.dll
[2006/07/02 10:58:42 | 000,011,008 | ---- | C] () -- C:\WINDOWS\alxtb1.dll
[2006/07/02 10:58:41 | 000,027,136 | ---- | C] () -- C:\WINDOWS\alxie328.dll
[2006/07/02 10:58:41 | 000,021,248 | ---- | C] () -- C:\WINDOWS\alexaie.dll
[2005/09/10 15:37:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/10 15:01:51 | 000,013,568 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/09/10 15:01:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/09/10 14:58:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/09/10 14:52:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/10 14:33:03 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/10 14:12:05 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/09/10 14:05:08 | 000,138,945 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/09/10 14:05:08 | 000,075,418 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/09/10 13:51:28 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/09/10 13:47:00 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/09/10 13:47:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/09/10 13:46:17 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/07/13 12:16:30 | 000,015,360 | --S- | C] () -- C:\WINDOWS\System32\obicx.dll
[2005/05/10 01:52:32 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/04/29 16:42:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/06/16 00:38:02 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 00:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
< End of report >

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Mon 16 Aug 2010, 9:13 am

OTL Extras logfile created on: 8/15/2010 4:54:31 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\HP_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 96.00 Mb Available Physical Memory | 25.00% Memory free
920.00 Mb Paging File | 612.00 Mb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.75 Gb Total Space | 4.72 Gb Free Space | 15.85% Space Free | Partition Type: NTFS
Drive D: | 7.50 Gb Total Space | 2.16 Gb Free Space | 28.77% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 249.00 Mb Total Space | 241.31 Mb Free Space | 96.91% Space Free | Partition Type: FAT32

Computer Name: JULZACMAT
Current User Name: HP_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- ()
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{162B71B8-8464-4680-A086-601D555B331D}" = Apple Mobile Device Support
"{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer
"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE
"{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2243C6DC-39EA-4D5E-B743-3AE510A91B3A}" = WeatherBug
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin
"{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08
"{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}" = Office 2003 Tour
"{C23587D9-1415-4042-9B3D-43118A4334C7}_is1" = BoontyBox 2.1
"{C26B06A9-27BB-45B0-9873-9C623EC2BA38}" = iTunes
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C83A12B9-B31B-461A-BBD4-CE9B988094F1}" = HP Photosmart Cameras 5.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D518592A-0F1E-40ca-BECB-3D3F026C6B0D}" = CameraDrivers
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E89E02CE-0432-4939-B85A-0040248EF499}" = Defender Pro PC Backup 8.5
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"010D7E30-8019-4477-AE7C-BFBBDE570CB9" = Insaniquarium Deluxe from Hewlett-Packard Desktops (remove only)
"27C7083E-4ECB-4C88-ACC1-0EDA88C00257" = Ricochet Lost Worlds from Hewlett-Packard Desktops (remove only)
"3295A049-B970-4CC5-847C-7ABF14B9F8F1" = Mah Jong Quest from Hewlett-Packard Desktops (remove only)
"36317AE4-57EC-4F3E-B828-009A3DD96BE8" = Polar Bowler from Hewlett-Packard Desktops (remove only)
"46CD7AAB-D3C9-41DB-8AEC-5BD24169B0E1" = Flip Words from Hewlett-Packard Desktops (remove only)
"47298745-7194-4142-AFDA-8BE2EDFDF82E" = Bookworm Deluxe from Hewlett-Packard Desktops (remove only)
"5253F22E-D4B6-49B7-9106-28D9C5395F22" = Barnyard Invasion from Hewlett-Packard Desktops (remove only)
"5F5B2E2A-5924-4DAB-825A-10BEA50A4DA1" = Boggle Supreme from Hewlett-Packard Desktops (remove only)
"703E3900-69DA-47C9-9768-C6514098F149" = Shrek 2 Ogre Bowler from Hewlett-Packard Desktops (remove only)
"7978E9A8-5A11-4406-BA8F-866E120352DF" = Bejeweled 2 Deluxe from Hewlett-Packard Desktops (remove only)
"8C4E79CC-03E1-43AA-9910-9A5113F24603" = Blasterball 2 from Hewlett-Packard Desktops (remove only)
"A9C7B4D4-A866-4696-B115-77B65D0A641A" = Swarm from Hewlett-Packard Desktops (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Antivirus System PRO" = Antivirus System PRO
"B2D3332F-EA2D-42B3-8E4A-F74D052BCBC1" = Polar Golfer from Hewlett-Packard Desktops (remove only)
"B41503CB-5FE0-47E0-87C1-47BA8E660BCC" = Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only)
"C1241092-7183-480A-A289-B5920C7C56D0" = Slingo Deluxe from Hewlett-Packard Desktops (remove only)
"C2C3C2DB-7D8A-4E20-B527-E3149FAECC3A" = Slyder from Hewlett-Packard Desktops (remove only)
"CheckIt Diagnostics" = CheckIt Diagnostics
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"csokuvwaxls" = RON Tool Mxlivemedia
"D11F7128-8CBD-408B-8BF8-034604DEDD42" = Bounce Symphony from Hewlett-Packard Desktops (remove only)
"Defender Pro PC Repair" = Defender Pro PC Repair
"Disney's Toontown Online" = Disney's Toontown Online
"ED8E7ECA-9D6A-46BA-BF46-D97774AA7117" = Digby's Donuts from Hewlett-Packard Desktops (remove only)
"F5215F01-DFC0-475D-A910-6F1AF94E807E" = Tradewinds from Hewlett-Packard Desktops (remove only)
"GamingSquaredConsole" = GamingSquared Console
"HP Document Viewer" = HP Document Viewer 5.3
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"Install WeatherBug" = Remove WeatherBug Installer
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"PokerStars" = PokerStars
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"SiS VGA Driver" = SiS VGA Utilities
"TBSB04757.TBSB04757Toolbar" = Freeze.com Toolbar
"uuuubd" = Favorit
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Safety Alert" = Windows Safety Alert
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Zumie" = Zumie Search 1.0 build 136

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ESPN Java Check" = ESPN Java Check

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/11/2010 2:44:01 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 5/12/2010 2:44:00 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 5/13/2010 2:44:01 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 5/14/2010 2:44:01 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 5/15/2010 2:44:01 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/2/2010 11:23:31 PM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/3/2010 12:11:37 AM | Computer Name = JULZACMAT | Source = Application Hang | ID = 1002
Description = Hanging application qw.exe, version 14.1.3.10, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/3/2010 12:14:29 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/3/2010 12:14:46 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

Error - 8/11/2010 9:05:03 AM | Computer Name = JULZACMAT | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070422, P2 updateservicemanager-_get_services,
P3 fallbackcheck, P4 1.1.1593.0, P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender,
P8 NIL, P9 NIL, P10 NIL.

[ System Events ]
Error - 8/3/2010 12:17:11 AM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the crd service to connect.

Error - 8/3/2010 12:17:11 AM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7000
Description = The crd service failed to start due to the following error: %%1053

Error - 8/11/2010 8:45:42 AM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 8/11/2010 8:49:32 AM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 8/11/2010 9:04:58 AM | Computer Name = JULZACMAT | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 8/11/2010 9:04:58 AM | Computer Name = JULZACMAT | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 8/15/2010 4:22:48 PM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 8/15/2010 4:26:21 PM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

Error - 8/15/2010 5:52:15 PM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
ftsata2

Error - 8/15/2010 5:55:37 PM | Computer Name = JULZACMAT | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460


< End of report >

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Tue 17 Aug 2010, 5:16 am

Transfered MalwareBytes to his computer and ran the scan. Here's the log:

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4052

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

8/16/2010 11:58:56 AM
mbam-log-2010-08-16 (11-58-56).txt

Scan type: Quick scan
Objects scanned: 129718
Time elapsed: 23 minute(s), 26 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 112
Registry Values Infected: 18
Registry Data Items Infected: 15
Folders Infected: 43
Files Infected: 612

Memory Processes Infected:
C:\WINDOWS\asam.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\mrvykvdl.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lsp.dll (Trojan.Proxy) -> Delete on reboot.
C:\WINDOWS\system32\qcdzjp.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\obicx.dll (Trojan.Zlob) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c1aa28f-4b43-4959-b37a-78f8ba415d6d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c1aa28f-4b43-4959-b37a-78f8ba415d6d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{fb357e54-83f1-4a3c-80a2-319201ed6c17} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{fbb40fdf-b715-4342-ab82-244ecc66e979} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\tbsb04757.ietoolbar (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77aa25e8-6083-4949-a831-9cb11861dc10} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6abb739a-787b-495b-82b8-1526b804e912} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea5c58ae-7db0-40c3-baae-ba9008a243eb} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\tbsb04757.ietoolbar.1 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\tbsb04757.tbsb04757 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\tbsb04757.tbsb04757.3 (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\z444.z444mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\z444.z444mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bd5258af-20ae-4bd3-b748-b2851aca7335} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{4a40e8fc-c7e4-4f57-9fa4-85dd77402897} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{995e885e-3ff5-4f66-a107-8bfb3a0f8f12} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac801baac83818c9 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{22e1eff7-d8dd-4bbc-9ce8-87edbe8c1a40} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46d7049a-9db9-4aec-82b1-f101b9367cb1} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22e1eff7-d8dd-4bbc-9ce8-87edbe8c1a40} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46d7049a-9db9-4aec-82b1-f101b9367cb1} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8c1aa28f-4b43-4959-b37a-78f8ba415d6d} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ensfolr.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SaveKeep (Rogue.SaveKeep) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Spyware-Secure (Rogue.SpywareSecure) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Somefox (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c97f32a (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{fb357e54-83f1-4a3c-80a2-319201ed6c17} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{46d7049a-9db9-4aec-82b1-f101b9367cb1} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ahmnwrbk (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pvrevqea (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ahmnwrbk (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pvrevqea (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\savekeep (Rogue.SaveKeep) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\adp (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\System (Rootkit.DNSChanger.H) -> Data: kdmob.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\HP_Owner\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/ie6.html) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\(default) (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com/search?q=%s) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.SearchPage) -> Bad: (http://windiwsfsearch.com) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{66b6323b-5790-4cac-a50b-d8435105c638}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.114.12,85.255.112.91 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{66b6323b-5790-4cac-a50b-d8435105c638}\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.12,85.255.112.91 -> Delete on reboot.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\IESkins (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0 (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOI (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOI\dynamic (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOI\static (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\dynamic (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\DownLoad (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Trojan.Agent) -> Files: 738 -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\ustat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0 (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\311496 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\675873 (Trojan.BHO) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\qcdzjp.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mrvykvdl.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\obicx.dll (Trojan.Zlob.H) -> Delete on reboot.
C:\WINDOWS\system32\kdmob.exe (Rootkit.DNSChanger.H) -> Delete on reboot.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\uuuubd_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\uuuubd_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\uuuubd.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\uuuubd.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lsp.dll (Trojan.Proxy) -> Delete on reboot.
C:\WINDOWS\asam.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\SeekmoSAAX.dll (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Program Files\Freeze.com Toolbar\freeze_us.dll (Adware.Softomate) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\SeekmoSADF.exe (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\675873\675873.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhpeew.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lkcxmcwu.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\llrgbm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lmdljpyx.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mpoyjf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pdqkaqsm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\quowvyrb.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qveaumee.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qwzebd.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qxxjjitu.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\slsqxx.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bmixcwiv.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bvcwxd.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hrtmbdgj.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iarvejku.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iehelper.dll.vir (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lundgx.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lwxbotdp.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lyipkmug.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vnveguxy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vrmhmsms.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vsxctqsb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vyrkxfwr.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tfqaltey.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tiiaukdh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tjoanl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tkzyuy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\toqarueo.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uxaegmqv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wobctbya.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aemwambo.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aggbbeew.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aiugwfrh.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\arufthnm.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atsgcz.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atufbqwi.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cclsxvxy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cljizq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clwtxihs.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\docuyern.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drfipn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dsohxaqw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dyudksxo.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\eaukdmcl.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ehvnij.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emehcmfc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\emqypiom.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\epajqw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\erthudjy.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\famkaolg.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fefiyvhq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fhnngz.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fkfdkc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fkistllh.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\flfusa.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gnsvhcmc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gocrapag.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\guonaqug.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hbtugioj.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hnogvwql.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifqmbjke.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ifrbbggd.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ihksegfr.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\imriyeoq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kcgeic.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kdvzqb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kecrrq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mgbtfcvw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mgzhrz.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhtofi.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mifsyscv.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nonbzw.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nouwlfku.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nryimaca.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ofpeji.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oocjdfoc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oqxjyb.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pyrxqaem.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qcnfma.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qhfewa.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rrgmdnuh.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rwphjk.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rwvtfmoo.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sb9pwoqw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sfmkca.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\suqaoqqg.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syhpagwa.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tsicob.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ttiuubbn.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urkxur.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\weyukpkd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urtynp.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wdoawdbm.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wpykys.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrrcpyis.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wwaglngi.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wzhzcl.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xbskiwlg.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xkcktvwt.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xrocpphq.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xwpcuooe.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xyrgdqmi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yctibx.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yzkfee.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pssody.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pucyfn.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pvtctc.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iylmsoxo.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jeqovqny.exe (Trojan.LowZones) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jlfohdvs.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jmvripeq.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bbbhle.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bcdrtxrn.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bcfaskxf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bcfvaf.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bgpzcs.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zpsdjn.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\MSASCui.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\syssvc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\syssvc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\010108ya9_arrow.ani (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\010108ya9_cr.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\010108ya9_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\040107ta318_arrow.ani (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\040107ta318_cr.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\040107ta318_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\eskin\FileManager.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte10_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte11_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte12_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte13_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte14_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte19_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte20_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte21_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030104_emte9_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\030203lib_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102angel_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102bigluf_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Tue 17 Aug 2010, 5:17 am

C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102bigsmile_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102birthday_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102cheers_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102flo_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102good_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102jump_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102king_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102lough_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102luf_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102smiled_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102smile_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102sor_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102thanx_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\033102uhu_1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\040103ahh_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\040103wow_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\040104_emi2_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\042102_1134_112_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\050103big_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\050103gig_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\050103hm_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\050103nomail_emoti_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\050103norm_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema15_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema16_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema17_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema18_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema19_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema20_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema21_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema24_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema25_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema26_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema30_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema33_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\060104_ema34_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\062802hippi_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\062802jumpie_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\080402argh_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\080402oops_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\080402ouch_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\082502no_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\082502yes_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_boring1_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_confused_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_crying_ugly_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_fantastic_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_feel_better_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_gimme_break_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_heehee_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_hlopaet_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_ign_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_lol_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_no_comment_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_peace_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_smashing_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\110103_talk2thehand_prv.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\blocked.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\blocked2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\block_sm.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\block_sm2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\block_smli.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\block_smli2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_add-but.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_back-but.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_left_cut_enabled_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_left_enabled_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_left_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_middle_enabled_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_middle_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_right_cut_enabled_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_right_enabled_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\btn_right_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\business_promo.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\buttondir.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\components.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\css2_main.css (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\css2_pagingmodule.css (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\css2_topbuttons.css (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\css_cattree.css (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\css_flashpreview.css (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\cursors.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\delete.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\edit_clear_sound.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\edit_fs.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\edit_select.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-543450.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-548964.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-589306.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-591943.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-592579.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-598579.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-603763.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-9595.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511724-9696.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-511745-514279.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-backgrounds.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-bcards.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-ecards.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-emoticons.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-estationery.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-funny.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-help.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-images.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-info.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-more.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-my.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-new.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-new2.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-options.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-people.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-photo.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-tell.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-temp.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-text.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def-email-voice.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-def.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-premium-email-premium.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-t1-bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\email-temp-bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\estatationery.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\flashpatch.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\flashpreview.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\fs3.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\hotbar_promo.htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_checked_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_close_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_close_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_edit_preview.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_edit_send.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_flash_preview.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_recently_used.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_remove_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_remove_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_sand-clock2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_tell_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_tell_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_tree_null.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_unchecked_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\icon_unchecked_pressed_1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\img_barlayout.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\img_barlayout2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\img_barlayout4.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\img_corner_left.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\img_local_logo.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_basetemplate.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_hbgroups.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_hbobject3.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_hbobjectset3.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_hotbarwrapper.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_iteratorsandreaders3nf.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_pagingmoduleobj3.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_texts3.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\js2_xmltree3nf.js (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\layout.cdf (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\linkpathlegal.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\n.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\nav_bb_2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\nav_b_2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\nav_ff_2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\nav_f_2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\progress.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\pro_hb_fo_word.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\sales_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\searchbtn.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\seekmo_btn.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\submit.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_bg.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_bga.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_bgia.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_l.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_la.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_lia.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_r.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_ra.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tab_ria.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_animations.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_backgrounds.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_ecards.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_emoticons.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_notifiers.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\treedata_text.xml (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tree_dots.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tree_minus.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\HostOL\static\1\tree_plus.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1006428.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1055766.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1056004.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1056760.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1056834.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1056965.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1057185.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1064372.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1065088.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1067612.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1085507.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1137453.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1197683.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\126826.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1338410.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1385232.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1385267.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1386061.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1387661.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1389807.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1390466.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1393191.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1398104.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1403189.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1404973.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1406946.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1407182.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1408054.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1408056.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\1556859.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\166334.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\180552.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\193328.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2034940.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\205787.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2153895.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2208948.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2336680.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2590073.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\287322.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2883915.sdf (Trojan.Agent) -> Quarantined and deleted successfully.

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Tue 17 Aug 2010, 5:17 am

C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2885061.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2885069.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2899625.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2899627.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2899655.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2901287.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2901962.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\2903573.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3240891.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3262999.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\331148.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3323218.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3384337.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3385108.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3385456.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3419267.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3472949.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3698739.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3709044.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3720808.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3756192.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\382210.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3852296.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3852424.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3854426.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3855406.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3862708.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3868101.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893165.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893180.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893245.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893317.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893553.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893642.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3893969.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\3894099.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\40291.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\427607.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\44669.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\453077.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\468284.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\48657.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\524567.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\542084.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\564349.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\568764.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\600583.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\625696.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\659011.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\663886.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\690129.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\777882.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\790561.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\797314.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\859800.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\881947.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\890068.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\914605.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\942306.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\948597.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\985671.sdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\domains.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\dynamic\ustat\3709.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_511745-514279.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_categorize.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_comparison.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-people.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_favorites.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Games.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hide.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_hotbarcom.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Hotmail.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_hsskin.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_new.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_premium.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchfor.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_searchgo.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_weather.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Default_yellowpages.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bar.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bbar1.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_logos.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_other.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\d_icons_weather.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-548964.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-9595.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\icons2.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\progress.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\Top7_theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\btntrans.idx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\btntrans1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\buttondir.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\components.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\cursors.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\default.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_511745-514279.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_categorize.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_comparison.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-people.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_favorites.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Games.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Hide.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_hotbarcom.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Hotmail.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_hsskin.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_Mails.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_new.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_premium.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_searchfor.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_searchgo.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_weather.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Default_yellowpages.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_1000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_2000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_3000.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bar.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bbar1.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_logos.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_other.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\d_icons_weather.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-548964.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-9595.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\email-t1-bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\icons2.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\ie_games_icon.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\ie_video.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\keywords.idx (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\keywords1.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\layout.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\linkpathlegal.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\progress.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\sales_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\seekmo.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\seekmo_ie_menu.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\s_icons_buttons.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\t2_bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\top7.cdf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\Top7_theweb.mnu (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\2\tsd_bg.res (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans1.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\progress.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEULA.mht (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\HostOE.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\SeekmoSAHook.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions\plugins\npclntax_SeekmoSA.dll (Adware.180Solutions) -> Quarantined and deleted successfully.
C:\autorun.inf (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\311496\311496.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\qlceoccyq\opheuvitssd.exe (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\dlwosggiw\pxpxlhptssd.exe (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Owner\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\TDSSserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\herjek.config (Malware.Trace) -> Quarantined and deleted successfully.

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Belahzur on Tue 17 Aug 2010, 10:48 am

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Tue 17 Aug 2010, 2:29 pm

Internet access has been restored! Here's the Combofix log:



ComboFix 10-08-16.03 - HP_Owner 08/16/2010 21:40:26.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.383.113 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\data
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\All Users\Application Data\Software Licensors
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\20081013203245265.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\asproxp.exe
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081011102059046.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081011102352265.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081012172735484.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081012173519390.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081012220347968.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081013071621937.log
c:\documents and settings\All Users\Application Data\Software Licensors\Antispyware PRO XP\LOG\20081013191746421.log
c:\documents and settings\HP_Owner\Local Settings\Temp\IadHide5.dll
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\4upTLP.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\58868J2p.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\824MMP83.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\AxOObxLbK.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\bKM45Ym4p.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\F1Eq1.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\VB35bki3.jpg
c:\documents and settings\HP_Owner\Local Settings\Temporary Internet Files\xE3iP.jpg
c:\program files\Freeze.com Toolbar
c:\program files\Freeze.com Toolbar\autosearch_plugin.dll
c:\program files\Freeze.com Toolbar\basis.xml
c:\program files\Freeze.com Toolbar\freeze.bmp
c:\program files\Freeze.com Toolbar\freeze_us.crc
c:\program files\Freeze.com Toolbar\freeze_us.inf
c:\program files\Freeze.com Toolbar\frzToolbar_logo.bmp
c:\program files\Freeze.com Toolbar\icons.bmp
c:\program files\Freeze.com Toolbar\info.txt
c:\program files\Freeze.com Toolbar\options.html
c:\program files\Freeze.com Toolbar\powered_yahoo_search.bmp
c:\program files\Freeze.com Toolbar\tbhelper.dll
c:\program files\Freeze.com Toolbar\uninstall.exe
c:\program files\Freeze.com Toolbar\update.exe
c:\program files\Freeze.com Toolbar\version.txt
c:\program files\Freeze.com Toolbar\whiteList_plugin.dll
c:\program files\Zumie
c:\program files\Zumie\home.js
c:\program files\Zumie\readme.html
c:\program files\Zumie\uninstall.exe
c:\program files\Zumie\zopt.exe
c:\program files\Zumie\zumie.exe
c:\windows\1085downloadz52999.bin
c:\windows\10z41spa5bote9.exe
c:\windows\11167hac5tool7z9.exe
c:\windows\111895zr9709.ocx
c:\windows\11259no9-5-viruz6be.cpl
c:\windows\11298zpamb5t4d0.cpl
c:\windows\11499zot-a-5irus571.ocx
c:\windows\1150vz918075.ocx
c:\windows\118995zambot4c3.bin
c:\windows\11z5i9194.bin
c:\windows\12095zroj6bc9.dll
c:\windows\12410zo9-a-virus2b5.cpl
c:\windows\12459azk5oor294.dll
c:\windows\1259worm5z4.cpl
c:\windows\125z6spy2739.dll
c:\windows\1295z5rus3aa.ocx
c:\windows\13549z5y47b.bin
c:\windows\13759not-a9vi5uz6eb.exe
c:\windows\13f6zownlo9de51995.ocx
c:\windows\1451spzrse449.exe
c:\windows\1452spywa9z3155.exe
c:\windows\1469worz45a.dll
c:\windows\148zste9l2527.exe
c:\windows\14962hac5tool1fz.bin
c:\windows\15409hacztool31c.bin
c:\windows\15664hackz5ol599.cpl
c:\windows\156cspa9sez445.dll
c:\windows\156fthrea51z937.ocx
c:\windows\15711v9ruz64d.bin
c:\windows\1575downloaze91875.exe
c:\windows\15776s9am5ot5z4.ocx
c:\windows\15794nzt-a-virus52.bin
c:\windows\1590zp9rse252.bin
c:\windows\15955spam9zt407.exe
c:\windows\1631zsp59bot242.exe
c:\windows\1687zsp9596.dll
c:\windows\169z5troj7dd.exe
c:\windows\16e4sz9rse5332.bin
c:\windows\17279not-a-viru5721z.cpl
c:\windows\1737not-9-virusz895.exe
c:\windows\173z79irus549.ocx
c:\windows\17595not-a-vzrus79a.dll
c:\windows\17aabackd5or2z69.ocx
c:\windows\18059szy316.dll
c:\windows\18059vzrus155.dll
c:\windows\18160ha5ktzol56b9.bin
c:\windows\190229zru5661.bin
c:\windows\19309sp562z.exe
c:\windows\1950trz57949.exe
c:\windows\19755spamz9tdd.exe
c:\windows\19829zpy59e5.exe
c:\windows\1999w9rmze05.ocx
c:\windows\199ethze59293.cpl
c:\windows\19c3addware5834z.bin
c:\windows\19e25zr824.bin
c:\windows\19z16spambo5789.dll
c:\windows\1a5e9pzrse637.dll
c:\windows\1az9bac5door418.ocx
c:\windows\1c249ir5z5.dll
c:\windows\1f9aspywaz52443.dll
c:\windows\1z095troj4ea.dll
c:\windows\1z5119irus616.ocx
c:\windows\1z547wo9m15a.bin
c:\windows\1z554s5am9ot563.bin
c:\windows\2039zspambot35c.cpl
c:\windows\203z45roj398.dll
c:\windows\20549viru91z3.dll
c:\windows\2055n9t-a-v5zus5de.dll
c:\windows\21151wo9zb4.dll
c:\windows\21642zorm395.bin
c:\windows\22296vi5zsc0.bin
c:\windows\2229sp5ze5.exe
c:\windows\22318ha5ktoolz95.bin
c:\windows\22903notza-vir5s936.ocx
c:\windows\23195rzat15474.dll
c:\windows\23532not9a-virus1z2.bin
c:\windows\2359a5ktzol36f.ocx
c:\windows\2384295zm392.bin
c:\windows\23b7z9r5147.ocx
c:\windows\24227zroj985.exe
c:\windows\245169pamb5t7z6.bin
c:\windows\24555t9oj4zc.cpl
c:\windows\24899woz56fc.dll
c:\windows\2494zteal1795.dll
c:\windows\25385wor955z.dll
c:\windows\25759worz5cd.ocx
c:\windows\25777hac9zoolda5.bin
c:\windows\25863wo9m53z.exe
c:\windows\259055irus6z8.cpl
c:\windows\259089iruzbc.ocx
c:\windows\25992spambzt405.ocx
c:\windows\25999vi5us2c3z.dll
c:\windows\25d09ackzoor876.bin
c:\windows\26011v5r9z34c.ocx
c:\windows\2612959oj58ez.exe
c:\windows\261z3spambot935.dll
c:\windows\26588spa9bot2c0z.bin
c:\windows\26612ha5kto9z41d.bin
c:\windows\26689par5e13z8.cpl
c:\windows\269z2spambo955c.exe
c:\windows\26z59or52b1.exe
c:\windows\27109worm9z5.cpl
c:\windows\27438vzrus50c9.dll
c:\windows\2753359zus7a3.dll
c:\windows\27904spambo5745z.cpl
c:\windows\27z05v9rus223.cpl
c:\windows\28283s5ambzt5f9.cpl
c:\windows\28422wozm957.exe
c:\windows\286859pambot4e1z.bin
c:\windows\28704worm5z9.dll
c:\windows\28b5down9oader175z5.dll
c:\windows\29015wzrm249.exe
c:\windows\2905zspy502.ocx
c:\windows\293fbaczdoo52715.exe
c:\windows\29452ha95tool4c9z.ocx
c:\windows\2945thiefz925.exe
c:\windows\295zdownloader985.dll
c:\windows\2991zvi5us9c.dll
c:\windows\29dz5teal1998.bin
c:\windows\29z97worm5175.exe
c:\windows\2a58a9dwarez2875.exe
c:\windows\2a88s5zal29419.dll
c:\windows\2ac9s5ars938z.exe
c:\windows\2b35z9ief660.ocx
c:\windows\2c07vir9165z.ocx
c:\windows\2e5zstea95113.cpl
c:\windows\2f5bspywar9255z.bin
c:\windows\2f89ad9wzre582.bin
c:\windows\2fcste5l96z3.cpl
c:\windows\2z191spy69c5.cpl
c:\windows\2z74ste5l2899.bin
c:\windows\2z819sp57b79.cpl
c:\windows\2za15p9rse92.bin
c:\windows\2ze5spyw5r9805.ocx
c:\windows\3029795y30z.bin
c:\windows\308z75pambot5c89.dll
c:\windows\30d9thze9520939.exe
c:\windows\316bv5rz896.dll
c:\windows\31954noz-a-vi5us2a3.bin
c:\windows\31b095arse2z42.ocx
c:\windows\32a5spazse22639.bin
c:\windows\3340dowzloader4859.exe
c:\windows\335fdozn9oader2933.exe
c:\windows\3435sz92f.dll
c:\windows\3459backdzor2859.cpl
c:\windows\3459zir1951.dll
c:\windows\3516spy9arz2746.dll
c:\windows\351z2spy3179.exe
c:\windows\3576nzt-a-vi9us209.cpl
c:\windows\35b9sparze539.ocx
c:\windows\35d7b9ckzoor919.dll
c:\windows\35fthreat9z057.exe
c:\windows\369ha5ktozl452.cpl
c:\windows\36c9spzwa5e1132.exe
c:\windows\3765backdooz56339.cpl
c:\windows\3900threzt934005.dll
c:\windows\39144woz533d.bin
c:\windows\3925ac9door1162z.bin
c:\windows\3953spywarz796.cpl
c:\windows\3955viru972z.dll
c:\windows\3abazk95or1394.ocx
c:\windows\3f21s9zr5e1940.cpl
c:\windows\3z1845py4369.dll
c:\windows\3z227s9am5ot79b.ocx
c:\windows\3z9spa9se7085.cpl
c:\windows\3zd0sp5r9e2700.exe
c:\windows\4051zir9s25a.ocx
c:\windows\4090backd5orz44.ocx
c:\windows\411fs9arze405.exe
c:\windows\4155threat2z99.dll
c:\windows\4180zpam9ot4c5.cpl
c:\windows\4192t9oz15e.exe
c:\windows\4349stea57z7.ocx
c:\windows\4426sp54z59.ocx
c:\windows\44z6troj5049.cpl
c:\windows\450zpa5se9216.bin
c:\windows\4511downzoader959.bin
c:\windows\4619vzr5s725.ocx
c:\windows\4682s5e9z2857.ocx
c:\windows\469es95al1118z.ocx
c:\windows\46f5stea5290z.exe
c:\windows\4805thief2z49.cpl
c:\windows\4826hacktz5953.ocx
c:\windows\490dspyw5rz1937.bin
c:\windows\49495ddware1974z.exe
c:\windows\4bf8spywz591395.bin
c:\windows\4ce7spzrse50739.bin
c:\windows\4d54thizf479.cpl
c:\windows\4dd5bzckd9o5864.cpl
c:\windows\4fcabackdo9rz95.bin
c:\windows\4fz5downl5ad9r1103.cpl
c:\windows\5009zspamb9t7ca.exe
c:\windows\506dzac9door3098.exe
c:\windows\50ezthreat2449.bin
c:\windows\5134spam9ot2z9.cpl
c:\windows\518hac59ooz3c1.exe
c:\windows\523z9s9ambot5b4.ocx
c:\windows\5241tzi5f9253.ocx
c:\windows\52599hacztool130.cpl
c:\windows\52959nzt-a-virus4b9.bin
c:\windows\52threat2545z9.exe
c:\windows\53175zr6909.bin
c:\windows\535spaz9o54db.dll
c:\windows\5429stezl9076.cpl
c:\windows\5469t5zj49d.dll
c:\windows\549fspzware557.ocx
c:\windows\5556spamb9tzbe.exe
c:\windows\5599szy5c5.ocx
c:\windows\5599viz795.bin
c:\windows\55f0ba5kdoor1z93.bin
c:\windows\55z0wo9m454.bin
c:\windows\5619wzrm390.bin
c:\windows\56e7downlozder1905.exe
c:\windows\5759virz079.ocx
c:\windows\5759zorm1f9.dll
c:\windows\57857tr9j3z3.exe
c:\windows\57ce9tealz26.cpl
c:\windows\57f5zhreat502739.cpl
c:\windows\58025zr3964.bin
c:\windows\5829vir1z989.ocx
c:\windows\5849z9py250.cpl
c:\windows\58c9thi5z3274.dll
c:\windows\58d5s9arse55z0.cpl
c:\windows\58z1h5cktool91.exe
c:\windows\58z8virus1879.dll
c:\windows\59005spamzot17e.dll
c:\windows\59121worm2d9z.ocx
c:\windows\591espzware1095.ocx
c:\windows\5976do5nlozder2594.cpl
c:\windows\597zsparse1175.exe
c:\windows\5986sp5wa9e197z.exe
c:\windows\5996zhacktool904.cpl
c:\windows\5b42do5nloadzr409.exe
c:\windows\5b81bazkd9o51795.exe
c:\windows\5d3bthief967z.exe
c:\windows\5ef5sz5al9307.bin
c:\windows\5f30add9aze2458.cpl
c:\windows\5f8cba9kd5or1591z.cpl
c:\windows\5z3thre9t13720.bin
c:\windows\5z67not-9-virus5fc.ocx
c:\windows\5z7spamb9t3b5.ocx
c:\windows\5zd5add9are80.cpl
c:\windows\5zfaddware1958.ocx
c:\windows\6045zo9m105.bin
c:\windows\60z0tr9j59d.exe
c:\windows\619daddwa5ez368.dll
c:\windows\629spzware582.cpl
c:\windows\6360addza5e23729.ocx
c:\windows\64579pywarz3199.ocx
c:\windows\6567zpa9se5286.bin
c:\windows\657s9a5ze1589.bin
c:\windows\659zt95j130.dll
c:\windows\65b9addwzre3073.bin
c:\windows\6629z5r751.dll
c:\windows\664ba5k9ozr1291.bin
c:\windows\6669zpambot55d.ocx
c:\windows\6693hackt5ol69fz.ocx
c:\windows\6757tr9z54a.bin
c:\windows\6869do5nloadez3987.exe
c:\windows\691vz51159.bin
c:\windows\698thief2z55.cpl
c:\windows\6998a5dwarez265.ocx
c:\windows\69c75zdware17039.dll
c:\windows\6b39szarse9105.bin
c:\windows\6b9a5d9waze1742.cpl
c:\windows\6bb1th59fz83.exe
c:\windows\6be3adzwar92523.exe
c:\windows\6dfbzackdo9r1505.exe
c:\windows\6f52downzoa9er296.ocx
c:\windows\6fcathi59z698.ocx
c:\windows\7050zir9532.ocx
c:\windows\7054zte9l2552.bin
c:\windows\70c9bac5do9r2857z.bin
c:\windows\71355teaz9304.dll
c:\windows\7169thizf1558.exe
c:\windows\7192backdoor135z.ocx
c:\windows\7251stz9l2245.bin
c:\windows\726zspar9e12145.bin
c:\windows\73fct5ze9t22043.dll
c:\windows\759cz5eal2949.ocx
c:\windows\75acbackdoorz039.exe
c:\windows\75dzad5w9re1409.dll
c:\windows\75zbthreat19199.ocx
c:\windows\75zethr5a99449.cpl
c:\windows\7624azdwa9e435.dll
c:\windows\7747downloadz92956.cpl
c:\windows\77b5vzr2599.exe
c:\windows\7856backdzo94075.bin
c:\windows\797avzr2568.dll
c:\windows\7982vz5us6a.dll
c:\windows\7cf0ad9wa5z244.bin
c:\windows\7fz69hi5f638.ocx
c:\windows\7z26tr5j794.dll
c:\windows\7z40dow5loader1009.exe
c:\windows\7z5aba9k5oor1563.dll
c:\windows\7z69th59f3170.bin
c:\windows\80z9py1a5.dll
c:\windows\82479izus756.cpl
c:\windows\8392w59mz.cpl
c:\windows\85399ac5tool1z2.exe
c:\windows\8593zot-a-vir5s423.cpl
c:\windows\8777tr5j5z9.ocx
c:\windows\879backdoorz2825.exe
c:\windows\9029haczto957d9.ocx
c:\windows\91z27sp5mbot158.cpl
c:\windows\92645troj75az.cpl
c:\windows\9283zorm575.ocx
c:\windows\93051zroj7b5.cpl
c:\windows\93187wormz35.cpl
c:\windows\93413not-5-zirus778.bin
c:\windows\9405sp59zot1c3.exe
c:\windows\94zvir9511.bin
c:\windows\95267hackzool40a.dll
c:\windows\9549zp9cd.exe
c:\windows\954spyware3z39.cpl
c:\windows\9555spzmb95574.ocx
c:\windows\95c0addware1375z.dll
c:\windows\96z2thief5785.dll
c:\windows\973aszea51335.ocx
c:\windows\989z3hackto5l742.ocx
c:\windows\9905spz9bot6de.cpl
c:\windows\9908wozm5345.bin
c:\windows\990a9zw5re257.dll
c:\windows\99285ownloaderz049.exe
c:\windows\9952spamb9t5z0.exe
c:\windows\9959dz5are711.exe
c:\windows\9969sp5warez142.bin
c:\windows\9985z5rm704.exe
c:\windows\9a07threat5z3.dll
c:\windows\9a32stzal1957.cpl
c:\windows\9afazteal567.bin
c:\windows\9c135tezl1487.dll
c:\windows\9c9stea52323z.exe
c:\windows\9d5sp5rze1658.cpl
c:\windows\9z6fth5ef1917.dll
c:\windows\9z94spambot6f15.cpl
c:\windows\a6down9zade52296.bin
c:\windows\aebdownloa5erz933.exe
c:\windows\alexaie.dll
c:\windows\alxie328.dll
c:\windows\alxtb1.dll
c:\windows\az39ownloader605.dll
c:\windows\btgrab.dll
c:\windows\c75s9arze2845.cpl
c:\windows\d5zspywa9e2714.ocx
c:\windows\dlmax.dll
c:\windows\ef49own5oader366z.cpl
c:\windows\f879ddwa5e3z75.ocx
c:\windows\fcbazkd9or1593.cpl
c:\windows\pynix.dll
c:\windows\search_res.txt
c:\windows\susp.exe
c:\windows\system32\10073s9ambo5z5b.dll
c:\windows\system32\10120h5ckzool49a.cpl
c:\windows\system32\101z1hac95oolc5.cpl
c:\windows\system32\10429vir5s16cz.bin
c:\windows\system32\1046359ruz624.exe
c:\windows\system32\10793wozm559.cpl
c:\windows\system32\10994worm5z55.dll
c:\windows\system32\1115threzt21359.dll
c:\windows\system32\11397no5-a-9zrus706.ocx
c:\windows\system32\11498hac9zool53f.exe
c:\windows\system32\11981s5y193z.cpl
c:\windows\system32\11z75i91763.dll
c:\windows\system32\12075tr9555az.dll
c:\windows\system32\12299zr5j585.bin
c:\windows\system32\12699worz59d.cpl
c:\windows\system32\127055ackt9ol696z.exe
c:\windows\system32\12z63v5rus5a9.exe
c:\windows\system32\13119tzo56c5.bin
c:\windows\system32\13178not9a5zirus67c.ocx
c:\windows\system32\13865spa9botzac.ocx
c:\windows\system32\139475roj239z.dll
c:\windows\system32\13ez9parse1555.exe
c:\windows\system32\14514hacktool3z19.cpl
c:\windows\system32\15092wozm368.bin
c:\windows\system32\15483vi9usz.ocx
c:\windows\system32\15579irz05.exe
c:\windows\system32\15718spzmbo9f7.cpl
c:\windows\system32\1585zv9rus69.exe
c:\windows\system32\1591spz105.ocx
c:\windows\system32\15z739py27c.bin
c:\windows\system32\15z85troj792.cpl
c:\windows\system32\16584hac9tool3z2.cpl
c:\windows\system32\16938not-azvir9s1845.cpl
c:\windows\system32\1701zs9y3c5.dll
c:\windows\system32\172fd5wnzo9der2591.ocx
c:\windows\system32\1755ac9zool235.exe
c:\windows\system32\17725py99z.ocx
c:\windows\system32\177739ackto5l261z.ocx
c:\windows\system32\17890sp9m5ot440z.cpl
c:\windows\system32\17997not5z-vi9us7ee.dll
c:\windows\system32\185ethreat92z52.ocx
c:\windows\system32\1896downloadez5565.ocx
c:\windows\system32\18e5ba9kdoor3053z.ocx
c:\windows\system32\1909thzef2853.cpl
c:\windows\system32\19715not-a-5izu9477.exe
c:\windows\system32\19859hacktzol559.dll
c:\windows\system32\19893vi5uz258.cpl
c:\windows\system32\19995h9cktool2z65.bin
c:\windows\system32\199not-a-z5rus6149.dll
c:\windows\system32\1b4atzi9f59.ocx
c:\windows\system32\1b509ddware95z.dll
c:\windows\system32\1b7bspywarz495.ocx
c:\windows\system32\1d95z5ief1993.bin
c:\windows\system32\1e50vir259z.dll
c:\windows\system32\1f92b9ckd5or3z49.dll
c:\windows\system32\1z525pa9se2324.cpl
c:\windows\system32\1z53hacktoo55c09.bin
c:\windows\system32\1z599w5rm4bc.bin
c:\windows\system32\1z929s5ambot2ec.dll
c:\windows\system32\1zf3backdoor28959.cpl
c:\windows\system32\20430hack95olz21.dll
c:\windows\system32\21250v9ruszc6.cpl
c:\windows\system32\21354s9z1655.cpl
c:\windows\system32\218849irus3z5.dll
c:\windows\system32\22195vzrusa9.bin
c:\windows\system32\22783zacktoo52519.dll
c:\windows\system32\22cz9ackdoor5806.ocx
c:\windows\system32\23fz9hre5t16969.cpl
c:\windows\system32\24585s9z645.dll
c:\windows\system32\24c9addz5re292.dll
c:\windows\system32\24z01s5y2d59.exe
c:\windows\system32\24z59troj5f9.bin
c:\windows\system32\251915rzj6d7.exe
c:\windows\system32\25537worz97f.dll
c:\windows\system32\25550worm3zf9.bin
c:\windows\system32\2559st5az11969.cpl
c:\windows\system32\255z0troj519.dll
c:\windows\system32\256z69pambot335.dll
c:\windows\system32\259not-a-vi5zs369.exe
c:\windows\system32\25z92not9a-virus4c2.cpl
c:\windows\system32\26153hack9zol198.cpl
c:\windows\system32\26616w5rz979.dll
c:\windows\system32\26905w9rm59z.ocx
c:\windows\system32\2690zspam9ot175.cpl
c:\windows\system32\269355pa9boz2e.ocx
c:\windows\system32\2720zno5-a-vi9us64d.bin
c:\windows\system32\274z4s9amb5taf.ocx
c:\windows\system32\27530spzmbo5966.ocx
c:\windows\system32\27581worz4119.bin
c:\windows\system32\27593noz-a-virus169.bin
c:\windows\system32\2765spa9se2z82.dll
c:\windows\system32\27786virz5991.bin
c:\windows\system32\27915viruz7f7.ocx
c:\windows\system32\279z5y9e4.dll
c:\windows\system32\27f5zparse9641.cpl
c:\windows\system32\28245h5ckt9ol4zd.dll
c:\windows\system32\28900v5zus2bf.bin
c:\windows\system32\28acszywa5e2196.cpl
c:\windows\system32\290259acktoo5z8b.bin
c:\windows\system32\294859rojebz.ocx
c:\windows\system32\29583ha5ktzol79f.ocx
c:\windows\system32\29589zacktool143.exe
c:\windows\system32\29683spz995.exe
c:\windows\system32\29735zo5m79e.exe
c:\windows\system32\29943not-az5irus7fb.ocx
c:\windows\system32\29951tz9j7b2.cpl
c:\windows\system32\299zste5l1458.exe
c:\windows\system32\29c65parze1941.exe
c:\windows\system32\29z55sp5mbot786.ocx
c:\windows\system32\2a84s9azs52679.ocx
c:\windows\system32\2c1ath5eaz13199.cpl
c:\windows\system32\2c5bthr9atz9554.ocx
c:\windows\system32\2e5fspywa9ez672.ocx
c:\windows\system32\2f0zspa9se18045.exe
c:\windows\system32\2f1bvzr9205.cpl
c:\windows\system32\2f55dow5loader9533z.cpl
c:\windows\system32\2f5adoznloa9e5779.dll
c:\windows\system32\2z056wo5m491.exe
c:\windows\system32\2z3t9reat1885.dll
c:\windows\system32\3017wozm56a9.exe
c:\windows\system32\30323noz-a-v9r5s27e.ocx
c:\windows\system32\3159s9ambo568z.ocx
c:\windows\system32\318309zcktool65c.bin
c:\windows\system32\31875vizu9563.cpl
c:\windows\system32\31999oznloader285.cpl
c:\windows\system32\3381noz5a9virus3c6.bin
c:\windows\system32\3455steal20z09.dll
c:\windows\system32\349thief3579z.ocx
c:\windows\system32\3534dozn9oader2749.exe
c:\windows\system32\353z0hack9ool42f.bin
c:\windows\system32\3553s9arse1117z.ocx
c:\windows\system32\357fspar9e78z.exe
c:\windows\system32\359zs5yware2081.ocx
c:\windows\system32\35d0th9efz599.dll
c:\windows\system32\3635zpa5bot369.bin
c:\windows\system32\3654zorm519.cpl
c:\windows\system32\369azddwar51960.exe
c:\windows\system32\37025ot-a9vizus557.exe
c:\windows\system32\375teaz839.ocx
c:\windows\system32\388cdow9zoader8345.bin
c:\windows\system32\3899viruz78b5.ocx
c:\windows\system32\3932szy512.dll
c:\windows\system32\39939vizus3dc5.bin
c:\windows\system32\3a215hzeat92100.bin
c:\windows\system32\3a39stzal1593.ocx
c:\windows\system32\3a995hiez2189.bin
c:\windows\system32\3b55sp5z9e3224.bin
c:\windows\system32\3be8backdooz25189.exe
c:\windows\system32\3c7dzown59ader992.exe
c:\windows\system32\3c97szar5e437.ocx
c:\windows\system32\3c99s5yzare10619.exe
c:\windows\system32\3cdzvir15959.bin
c:\windows\system32\3e8zsparse955.bin
c:\windows\system32\3f4f9tezl5590.cpl
c:\windows\system32\3z26thie91353.cpl
c:\windows\system32\3z3319ro5735.exe
c:\windows\system32\3z593s9ambot755.exe
c:\windows\system32\3zbfs9a5se1495.bin
c:\windows\system32\4187add59rez12.ocx
c:\windows\system32\4381hacztool9d5.bin
c:\windows\system32\4512hac9tool5dz.cpl
c:\windows\system32\4520spy9are182z.cpl
c:\windows\system32\4595ba5kdo9r2z25.exe
c:\windows\system32\4595sparsez199.cpl
c:\windows\system32\45azsparse19129.bin
c:\windows\system32\46b5th9eat163z4.exe
c:\windows\system32\482hz9kt5ol199.bin
c:\windows\system32\4894th9efz995.cpl
c:\windows\system32\4914vzr1555.exe
c:\windows\system32\4990hz5kt9ol4e5.dll
c:\windows\system32\4a05add9arz6.ocx
c:\windows\system32\4b2e9ackdozr1859.exe
c:\windows\system32\4b93downloadzr29715.cpl
c:\windows\system32\4ce9azdw95e1019.exe
c:\windows\system32\4eecaddwzre955.exe
c:\windows\system32\4f15spywa9e26z7.dll
c:\windows\system32\4f58spywa9ez189.dll
c:\windows\system32\4z24t9oj675.cpl
c:\windows\system32\4z54vi91157.ocx
c:\windows\system32\4z5hackt95l5ed.cpl
c:\windows\system32\50392szy535.cpl
c:\windows\system32\5071t9zef488.cpl
c:\windows\system32\5079zvirus5bf.dll
c:\windows\system32\5083down5zade92290.exe
c:\windows\system32\50c2backdzor9059.ocx
c:\windows\system32\5119sparsez50.dll
c:\windows\system32\511ba9kdoor1435z.bin
c:\windows\system32\5149downlo9d5rz20.exe
c:\windows\system32\515spzrse697.ocx
c:\windows\system32\51645ack9ooz2097.cpl
c:\windows\system32\5169addwaze2527.cpl
c:\windows\system32\51890zro939.ocx
c:\windows\system32\521fz5eal696.bin
c:\windows\system32\52510not-a-virus4z9.bin
c:\windows\system32\52613spambo9ccz.cpl
c:\windows\system32\5290stz9l353.cpl
c:\windows\system32\53059hiefz495.cpl
c:\windows\system32\5436sparze949.cpl
c:\windows\system32\543z5spy419.dll
c:\windows\system32\545bspy9aze3228.exe
c:\windows\system32\545zspa9se2249.bin
c:\windows\system32\54685ackt9ol4ez.dll
c:\windows\system32\546zadd9are5824.ocx
c:\windows\system32\5514downloaderz957.bin
c:\windows\system32\5515spywa9e197z.bin
c:\windows\system32\5524downloa9er193z.ocx
c:\windows\system32\5561szamb9t611.ocx
c:\windows\system32\559esparze490.bin
c:\windows\system32\55b25ddware2999z.bin
c:\windows\system32\55bdvir3z79.dll
c:\windows\system32\55d5addware2z219.bin
c:\windows\system32\55d6s9yware147z.cpl
c:\windows\system32\55fest9al13z7.exe
c:\windows\system32\55z4no95a-virus57b.bin
c:\windows\system32\5623v9rzs352.ocx
c:\windows\system32\565a9zarse1738.bin
c:\windows\system32\5685spa9sez806.dll
c:\windows\system32\569bth9zf5099.dll
c:\windows\system32\571eadd5are92z8.bin
c:\windows\system32\57461vzr9s17f.cpl
c:\windows\system32\57559rzjd1.cpl
c:\windows\system32\579d9oznloader1360.cpl
c:\windows\system32\57b7sp9rze2524.ocx
c:\windows\system32\588959pyz6f.bin
c:\windows\system32\5897addwar51z72.bin
c:\windows\system32\58aezackdoor18495.dll
c:\windows\system32\58cspywa9z1501.cpl
c:\windows\system32\5900virz917.bin
c:\windows\system32\5910th9eat1z548.ocx
c:\windows\system32\59235roz99e.exe
c:\windows\system32\5958downlo9der85z.ocx
c:\windows\system32\595dbackdoorz480.exe
c:\windows\system32\5967zworm3f1.dll
c:\windows\system32\59e0z9r5855.exe
c:\windows\system32\59e5szeal910.dll
c:\windows\system32\59ezspa5se2279.dll
c:\windows\system32\5a2dvz59044.bin
c:\windows\system32\5a3d9ir772z.exe
c:\windows\system32\5a569pywaze614.exe
c:\windows\system32\5a59szywa9e1969.cpl
c:\windows\system32\5a95szyware2579.bin
c:\windows\system32\5c1zth5eat6569.dll
c:\windows\system32\5c35addwar9196z.cpl
c:\windows\system32\5c469ownloader31z1.bin
c:\windows\system32\5c79vzr2783.ocx
c:\windows\system32\5ca95pywarez219.bin
c:\windows\system32\5cfbstzal9285.dll
c:\windows\system32\5d35sza9s51963.ocx
c:\windows\system32\5d64adzw5re249.bin
c:\windows\system32\5d95tzief2071.exe
c:\windows\system32\5e53do9nloadzr2919.cpl
c:\windows\system32\5eb0ba5zdoor3093.ocx
c:\windows\system32\5ezfspyware99945.cpl
c:\windows\system32\5f79bzckdoo51620.dll
c:\windows\system32\5f9cthrzat71035.ocx
c:\windows\system32\5z00spa9se1060.exe
c:\windows\system32\5z5csparse2999.bin
c:\windows\system32\5z72st9al639.bin
c:\windows\system32\5z775hie92511.bin
c:\windows\system32\5zf4spars9854.dll
c:\windows\system32\61b5tzre5t287969.exe
c:\windows\system32\62c2spz5se795.exe
c:\windows\system32\63045pz689.exe
c:\windows\system32\6319viz10475.ocx
c:\windows\system32\6354s9azbotc0.cpl
c:\windows\system32\6406not-a-5zrus9f3.bin
c:\windows\system32\6408z9yware5831.cpl
c:\windows\system32\64eadzwnl5ader9701.bin
c:\windows\system32\64z19o5nloader128.ocx
c:\windows\system32\6528szy4959.exe
c:\windows\system32\652troz7b95.bin
c:\windows\system32\6659dow5loader2963z.bin
c:\windows\system32\6729dowz5oader2255.bin
c:\windows\system32\6938virus7cz5.bin
c:\windows\system32\694bthreatz335.cpl
c:\windows\system32\69b1addwz9e5515.dll
c:\windows\system32\6af3s9arze6975.bin
c:\windows\system32\6b29do9nz5ader134.ocx
c:\windows\system32\6b92spy9are1z15.ocx
c:\windows\system32\6bdz9hrea519519.bin
c:\windows\system32\6da6zh5ef9097.bin
c:\windows\system32\6ff6sparsz32559.dll
c:\windows\system32\6zb1stea5119.exe
c:\windows\system32\6zd59hief5.exe
c:\windows\system32\6zd5th59at27088.dll
c:\windows\system32\7025zp9ware22155.ocx
c:\windows\system32\709aspazs5607.ocx
c:\windows\system32\7115noz-a-9iru56fc.bin
c:\windows\system32\7132s9e5z2335.bin
c:\windows\system32\713aspywarz1759.ocx
c:\windows\system32\717zad5ware2192.dll
c:\windows\system32\726zadd5are239.bin
c:\windows\system32\72b69zief18895.exe
c:\windows\system32\74a7down9oadz51414.exe
c:\windows\system32\757zwor953.ocx
c:\windows\system32\759zs5arse1998.exe
c:\windows\system32\765z9hief9535.exe
c:\windows\system32\769bsteal3569z.bin
c:\windows\system32\77e5z9ief521.dll
c:\windows\system32\796av5r203z.dll
c:\windows\system32\79bviz577.bin
c:\windows\system32\79c1sze9l2856.cpl
c:\windows\system32\7a9av9z975.dll
c:\windows\system32\7b4bbazkdoo53239.cpl
c:\windows\system32\7be1spz9are2753.dll
c:\windows\system32\7d96z59ef2227.dll
c:\windows\system32\7f65addwa59z31.exe
c:\windows\system32\7z7as9yw5re1690.cpl
c:\windows\system32\7zaedo9nload5r2067.cpl
c:\windows\system32\8246w9rm56z5.cpl
c:\windows\system32\8315s9y45z.exe
c:\windows\system32\8459rzj525.dll
c:\windows\system32\8562noz-a-vir9s377.cpl
c:\windows\system32\8f9back5oo92z79.bin
c:\windows\system32\909zhackto5l197.cpl
c:\windows\system32\92032s5yzd0.bin
c:\windows\system32\92214hacz5ool51b.cpl
c:\windows\system32\9236vir5s435z.exe
c:\windows\system32\92409spambot29z5.ocx
c:\windows\system32\92z17not-a-virus55b.exe
c:\windows\system32\93011t5zj465.exe
c:\windows\system32\935virz1519.exe
c:\windows\system32\94259worz2d8.cpl
c:\windows\system32\94303hzcktool4645.ocx
c:\windows\system32\9457hack9ool7edz.dll
c:\windows\system32\94817zr5j1e2.dll
c:\windows\system32\952z2virus6355.cpl
c:\windows\system32\954zir338.bin
c:\windows\system32\95539vzrus230.dll
c:\windows\system32\9565szam95t132.cpl
c:\windows\system32\95691spy19ez.ocx
c:\windows\system32\9581z9y3be.dll
c:\windows\system32\95891virusze0.cpl
c:\windows\system32\95958z5rm318.cpl
c:\windows\system32\95z565roj24f.cpl
c:\windows\system32\95zstea92162.exe
c:\windows\system32\96111zroj6f15.bin
c:\windows\system32\96627tr5j2dz.ocx
c:\windows\system32\9694wo5988z.bin
c:\windows\system32\971thrz5t25915.ocx
c:\windows\system32\9758spazb9ta5.ocx
c:\windows\system32\9809h5ckt9oz6bf.dll
c:\windows\system32\98250sp5mbzt25f.dll
c:\windows\system32\9883s5y4z6.cpl
c:\windows\system32\9883z9cktool1c35.cpl
c:\windows\system32\98dbthrea517z22.ocx
c:\windows\system32\9929spambot757z.ocx
c:\windows\system32\9957h5cktool2b4z.bin
c:\windows\system32\995spywarez250.dll
c:\windows\system32\9982zpam5ot691.ocx
c:\windows\system32\9a0t5iez1591.ocx
c:\windows\system32\9bbb5hiefz00.dll
c:\windows\system32\9c305hief310z.bin
c:\windows\system32\9eb3a5dware9z1.cpl
c:\windows\system32\9f0v5z2223.dll
c:\windows\system32\9z436worm705.bin
c:\windows\system32\admbbxhb.ini
c:\windows\system32\aoagijfl.ini
c:\windows\system32\aohsoova.ini
c:\windows\system32\b55a9dwzre1923.cpl
c:\windows\system32\b7ezac9doo51406.dll
c:\windows\system32\bb9downlzader595.dll
c:\windows\system32\be7zownl9ader3025.exe
c:\windows\system32\bmatgrmw.ini
c:\windows\system32\cfmcheme.ini
c:\windows\system32\CIPWaccf.ini
c:\windows\system32\CIPWaccf.ini2
c:\windows\system32\cmchvsng.ini
c:\windows\system32\cofdjcoo.ini
c:\windows\system32\cpmrhawe.ini
c:\windows\system32\crhnssmw.ini
c:\windows\system32\cxhxvtlm.ini
c:\windows\system32\da5thrzat127929.ocx
c:\windows\system32\de0thrzat7952.dll
c:\windows\system32\dggbbrfi.ini
c:\windows\system32\e05thief192z.ocx
c:\windows\system32\e4bspyzare995.dll
c:\windows\system32\e5thi9f995z.cpl
c:\windows\system32\e9bbackdzor25685.bin
c:\windows\system32\fqbqdwti.ini
c:\windows\system32\glkxvnfp.dll
c:\windows\system32\glwiksbx.ini
c:\windows\system32\gqqoaqus.ini
c:\windows\system32\guqanoug.ini
c:\windows\system32\gyebmdww.ini
c:\windows\system32\ifcybwqe.ini
c:\windows\system32\iqugtrnd.ini
c:\windows\system32\itwdqbqf.dll
c:\windows\system32\iwqbfuta.ini
c:\windows\system32\jakipyfw.ini
c:\windows\system32\jctfxuox.ini
c:\windows\system32\jgdbmtrh.ini
c:\windows\system32\kmkdkt.dll
c:\windows\system32\kurnaibo.ini
c:\windows\system32\ldvkyvrm.ini
c:\windows\system32\mnhtfura.ini
c:\windows\system32\mvnitqyj.ini
c:\windows\system32\oqiuoufl.dll
c:\windows\system32\oxskduyd.ini
c:\windows\system32\pfnvxklg.ini
c:\windows\system32\pvtiimks.ini
c:\windows\system32\rfgeskhi.ini
c:\windows\system32\rokiojoi.ini
c:\windows\system32\rvibpnia.ini
c:\windows\system32\shixtwlc.ini
c:\windows\system32\sntfxg.dll
c:\windows\system32\tnpcgdjf.ini
c:\windows\system32\twxlsged.ini
c:\windows\system32\ubrlpivw.ini
c:\windows\system32\ukflwuon.ini
c:\windows\system32\ukjevrai.ini
c:\windows\system32\ummywhmv.ini
c:\windows\system32\uxpvqltk.ini
c:\windows\system32\vvoxybai.ini
c:\windows\system32\weebbgga.ini
c:\windows\system32\wvcftbgm.ini
c:\windows\system32\xlvsqovt.dll
c:\windows\system32\xuheaint.ini
c:\windows\system32\xviftgrk.ini
c:\windows\system32\xweavbbd.ini
c:\windows\system32\yxvxslcc.ini
c:\windows\system32\z0634not-a5virus69d.bin
c:\windows\system32\z06915ackt9ol328.bin
c:\windows\system32\z2350sp54d39.exe
c:\windows\system32\z2364not-5-vir9s6d1.ocx
c:\windows\system32\z2553s9y36.dll
c:\windows\system32\z4534spam9ot4995.cpl
c:\windows\system32\z53baddware20729.bin
c:\windows\system32\z5459troj7d.exe
c:\windows\system32\z5539w5rm8b.exe
c:\windows\system32\z58ad9ware2495.exe
c:\windows\system32\z67troj95f.bin
c:\windows\system32\z7061s5y699.ocx
c:\windows\system32\z98bspyw5re2943.ocx
c:\windows\system32\zb99thi5f358.ocx
c:\windows\system32\zd555ir10459.ocx
c:\windows\system32\ze5fsteal9155.dll
c:\windows\z09ds9y5are1122.cpl
c:\windows\z147ad5ware29559.dll
c:\windows\z1c5steal28199.ocx
c:\windows\z3754ha9ktooled.ocx
c:\windows\z4159virusc95.dll
c:\windows\z5282n9t-a-viru534.cpl
c:\windows\z55ddownloader1895.exe
c:\windows\z5aaaddware3089.dll
c:\windows\z636spyw5re9632.ocx
c:\windows\z69dd5wnloader995.cpl
c:\windows\z70419o5mf2.ocx
c:\windows\z771backdoor20995.ocx
c:\windows\z797ste9l157.exe
c:\windows\z96esteal495.bin
c:\windows\z96sp5rse1410.bin
c:\windows\z981virus135.ocx
c:\windows\zb9evi95428.dll
c:\windows\zbc7s9ywa5e983.bin
c:\windows\ze14th5eat5179.bin
c:\windows\zf55vir9123.bin
D:\Autorun.inf
D:\resycled
d:\resycled\boot.com

----- BITS: Possible infected sites -----

[You must be registered and logged in to see this link.]
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ZUMIE_SEARCH_SERVICE


((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))
.

2010-08-16 16:31 . 2010-08-16 16:31 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2010-08-16 16:30 . 2010-08-16 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-03 04:18 . 2010-08-03 04:18 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\MSNInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 16:30 . 2010-08-16 16:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2006-05-09 15:28 . 2006-05-09 13:28 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-08 68856]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2007-06-14 1654784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2005-05-26 49152]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-09-10 180269]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\
BoontyBox Play Toad.lnk - c:\program files\Boonty\BoontyBox\BoontyBox.exe [2008-5-9 816736]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-9-10 36903]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [10/12/2008 5:32 PM 39472]
R2 BCMNTIO;BCMNTIO;c:\progra~1\CheckIt\DIAGNO~1\BCMNTIO.sys [10/2/2007 9:01 AM 3744]
R2 MAPMEM;MAPMEM;c:\progra~1\CheckIt\DIAGNO~1\MAPMEM.sys [10/2/2007 9:01 AM 3904]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
R3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\drivers\BLKWGU.sys [8/16/2010 12:07 PM 238848]
.
Contents of the 'Scheduled Tasks' folder

2010-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-08-17 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 01:20]

2010-08-03 c:\windows\Tasks\User_Feed_Synchronization-{F1CCCF97-1D47-4E2C-96D3-D421FD577380}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
mSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
mSearchURL = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{BE0027FB-31FF-4661-82BC-83ADCEF28F0F} - (no file)
BHO-{B183732D-C236-4DA2-804C-96FD00F8645E} - (no file)
HKLM-Run-PCDrProfiler - (no file)
HKLM-Run-c:\windows\system32\kdmob.exe - c:\windows\system32\kdmob.exe
Notify-geBuTnMD - geBuTnMD.dll
AddRemove-uuuubd - c:\documents and settings\hp_owner\local settings\application data\uuuubd.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-16 22:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2944414651-3263516352-774709417-1009\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2792)
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Boonty\BoontyBox\BoontyBoxEngine.exe
.
**************************************************************************
.
Completion time: 2010-08-16 22:21:40 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-17 03:21

Pre-Run: 4,987,527,168 bytes free
Post-Run: 5,884,194,816 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - D15F76706B13D66CE29C82C459542C66

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Belahzur on Wed 18 Aug 2010, 3:18 am

Hello.

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:
    Code:

    DDS::
    uInternet Settings,ProxyServer = http=127.0.0.1:5555
    uInternet Settings,ProxyOverride =
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Wed 18 Aug 2010, 4:45 am

ComboFix 10-08-16.03 - HP_Owner 08/17/2010 11:47:28.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.383.133 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\HP_Owner\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\HP_Owner\Local Settings\Temp\IadHide5.dll

.
((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))
.

2010-08-17 14:41 . 2010-05-21 19:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-08-16 17:07 . 2007-06-01 05:13 238848 ----a-r- c:\windows\system32\drivers\BLKWGU.sys
2010-08-16 16:31 . 2010-08-16 16:31 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2010-08-16 16:30 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-16 16:30 . 2010-08-16 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-16 16:30 . 2010-08-16 16:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-16 16:30 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-15 21:52 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-08-15 21:52 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2010-08-15 21:51 . 2001-08-17 19:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-08-15 21:51 . 2001-08-17 19:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2010-08-03 04:18 . 2010-08-03 04:18 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\MSNInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2006-05-09 15:28 . 2006-05-09 13:28 22 --sha-w- c:\windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-08 68856]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2007-06-14 1654784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2005-05-26 49152]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-09-10 180269]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\
BoontyBox Play Toad.lnk - c:\program files\Boonty\BoontyBox\BoontyBox.exe [2008-5-9 816736]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-9-10 36903]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [10/12/2008 5:32 PM 39472]
R2 BCMNTIO;BCMNTIO;c:\progra~1\CheckIt\DIAGNO~1\BCMNTIO.sys [10/2/2007 9:01 AM 3744]
R2 MAPMEM;MAPMEM;c:\progra~1\CheckIt\DIAGNO~1\MAPMEM.sys [10/2/2007 9:01 AM 3904]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
R3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\drivers\BLKWGU.sys [8/16/2010 12:07 PM 238848]
.
Contents of the 'Scheduled Tasks' folder

2010-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-08-17 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 01:20]

2010-08-03 c:\windows\Tasks\User_Feed_Synchronization-{F1CCCF97-1D47-4E2C-96D3-D421FD577380}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
mSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
mSearchURL = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-17 12:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2944414651-3263516352-774709417-1009\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1472)
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-08-17 12:15:35 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-17 17:15
ComboFix2.txt 2010-08-17 03:21

Pre-Run: 5,337,952,256 bytes free
Post-Run: 5,311,111,168 bytes free

- - End Of File - - FD2CE6C924F7010E75C7E78D47FA054A

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Belahzur on Wed 18 Aug 2010, 11:47 am

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Wed 18 Aug 2010, 2:14 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=877af60baafafc4da3dd1f0d37c04bec
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-08-18 03:12:46
# local_time=2010-08-17 10:12:47 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=93086
# found=15
# cleaned=15
# scan_time=4330
C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\18\13a2e652-1ec15b3a Java/TrojanDownloader.OpenStream.NAC trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\21\7b20bc55-2260b3ff Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Antivirus System PRO\avscan.exe a variant of Win32/Adware.SpyProtector.R application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\qbdbfp\avhnsysguard.exe Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\algg.exe.virus Win32/BHO.NII trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\avooshoa.dll a variant of Win32/Adware.Virtumonde.NEF application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\bplgibdr.exe a variant of Win32/Agent.ODG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\cjhaxvbr.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\clhkwgtl.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\csokuvwaxls.exe Win32/Adware.GooochiBiz.AE.Gen application (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\fkjdqy.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\gduabn.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\iojoikor.dll a variant of Win32/Adware.Virtumonde.NEF application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\shexarrj.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\xkvmlm.dll a variant of Win32/Adware.SuperJuan.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Belahzur on Thu 19 Aug 2010, 8:51 am

Hello.

Delete this folder in bold:
C:\Program Files\qbdbfp

How is the machine running now?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Thu 19 Aug 2010, 11:35 am

It's running great! Although, I always get this error message after start-up:


AppleSyncNotifier.exe - Entry Point Not Found
The procedure entry point kCFStreamSocketSecurityLevelNegotiatedSSL could not be located in the dynamic link library CoreFoundation.dll.


It doesn't affect the performance at all, from what I can tell. And I don't know if I should mess with any of his Apple stuff in case it wipes out any of his song library. Otherwise, it runs smooth as a bell. I think I may need to update his Java. Also, I still need to bolster his computer's security. I know AntiVir is a great anti-virus (he currently doesn't have one running), and I use SpyBot and SpyGuard on my computer as well. Thanks again for all your help.

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Sneakyone on Fri 20 Aug 2010, 2:13 pm

Hi.

Could you please run OTL again, and post the log here.


I'm livin' life in the fast lane.


Sneakyone

Tech Officer
Tech Officer

Posts : 2707
Joined : 2010-01-10
Operating System : Windows 7 Ultimate 64-bit

View user profile http://twitter.com/AVerySneakyone

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Fri 20 Aug 2010, 3:43 pm

OTL logfile created on: 8/19/2010 11:20:31 PM - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\HP_Owner\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 103.00 Mb Available Physical Memory | 27.00% Memory free
920.00 Mb Paging File | 560.00 Mb Available in Paging File | 61.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29.75 Gb Total Space | 4.72 Gb Free Space | 15.86% Space Free | Partition Type: NTFS
Drive D: | 7.50 Gb Total Space | 2.16 Gb Free Space | 28.77% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JULZACMAT
Current User Name: HP_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/06/14 10:28:32 | 001,654,784 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files\AWS\WeatherBug\Weather.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/08 09:16:35 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/11/03 20:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/03/17 16:43:58 | 000,816,736 | ---- | M] (BOONTY) -- C:\Program Files\Boonty\BoontyBox\BoontyBox.exe
PRC - [2005/09/10 15:03:23 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2005/09/10 13:56:44 | 000,241,772 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0\bin\jucheck.exe
PRC - [2005/09/10 13:56:44 | 000,036,972 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.5.0\bin\jusched.exe


========== Modules (SafeList) ==========

MOD - [2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/09/10 15:03:18 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\HP_Owner\Local Settings\Temp\IadHide5.dll
MOD - [2004/08/04 07:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\intelppm.sys -- (intelppm)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Combo-Fix\catchme.sys -- (catchme)
DRV - [2007/08/14 17:25:22 | 000,131,192 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2007/08/14 17:25:22 | 000,032,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2007/08/14 17:25:20 | 000,039,472 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2007/06/01 00:13:20 | 000,238,848 | R--- | M] (Belkin Corporation. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BELKIN)
DRV - [2005/05/25 18:18:42 | 000,011,904 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/05/25 17:53:04 | 000,245,760 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005/04/20 13:00:56 | 002,317,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/03/09 20:09:18 | 000,870,912 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2005/03/09 16:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/12/15 17:18:32 | 000,220,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 17:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 17:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/03/05 17:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 17:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/07/11 17:28:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\Software\Microsoft\Internet Explorer\SearchURL\w, = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\Seekmo@Seekmo.com: C:\Program Files\Seekmo\bin\10.0.424.0\firefox\extensions
FF - HKLM\software\mozilla\Firefox\Extensions\\G2_v1042@gamingsquared.com: C:\Program Files\GamingSquared\Gaming2\FF_v1042 [2008/05/09 16:12:43 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/08/17 12:00:46 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\BoontyBox Play Toad.lnk = C:\Program Files\Boonty\BoontyBox\BoontyBox.exe (BOONTY)
O4 - Startup: C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\HP Organize.lnk = C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} [You must be registered and logged in to see this link.] (Symantec Download Manager)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} [You must be registered and logged in to see this link.] (Shutterfly Picture Upload Plugin)
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} [You must be registered and logged in to see this link.] (Toontown Installer ActiveX Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/25 00:32:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/18 18:03:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/08/17 20:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/08/17 20:50:20 | 000,000,000 | --SD | C] -- C:\Combo-Fix
[2010/08/17 13:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/08/17 13:45:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010/08/17 11:58:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/08/17 09:47:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010/08/17 09:47:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010/08/17 09:47:53 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010/08/17 09:47:52 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010/08/17 09:47:31 | 011,076,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010/08/17 09:41:04 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2010/08/16 21:31:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/16 21:14:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/16 12:07:00 | 000,238,848 | R--- | C] (Belkin Corporation. ) -- C:\WINDOWS\System32\drivers\BLKWGU.sys
[2010/08/16 11:31:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\Malwarebytes
[2010/08/16 11:30:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/16 11:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/16 11:30:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/16 11:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/15 16:54:19 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
[2010/08/15 16:52:23 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/08/15 16:51:37 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/08/02 23:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner\Application Data\MSNInstaller
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/18 18:16:10 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/08/18 18:02:33 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/08/18 17:57:21 | 000,441,690 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/18 17:57:21 | 000,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/18 17:57:21 | 000,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/18 17:55:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/18 17:55:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/18 17:55:08 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/17 22:46:32 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\HP_Owner\NTUSER.DAT
[2010/08/17 22:46:32 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\HP_Owner\ntuser.ini
[2010/08/17 22:32:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/08/17 20:40:54 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/17 12:00:55 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/17 12:00:46 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/16 21:32:07 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/08/16 12:01:49 | 006,291,456 | -H-- | M] () -- C:\Documents and Settings\HP_Owner\Local Settings\Application Data\IconCache.db
[2010/08/16 11:30:50 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/15 15:26:36 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2010/08/15 15:21:09 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/05 15:42:22 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner\Desktop\OTL.exe
[2010/08/02 23:08:46 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/08/02 22:27:24 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1CCCF97-1D47-4E2C-96D3-D421FD577380}.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/16 11:30:50 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2008/10/12 17:32:15 | 000,011,568 | ---- | C] () -- C:\WINDOWS\System32\drivers\UimFIO.sys
[2008/10/12 17:32:11 | 000,247,560 | ---- | C] () -- C:\WINDOWS\System32\prgiso.dll
[2008/10/12 17:32:10 | 004,244,744 | ---- | C] () -- C:\WINDOWS\System32\qtp-mt334.dll
[2008/10/12 17:32:10 | 000,013,576 | ---- | C] () -- C:\WINDOWS\System32\wnaspi32.dll
[2008/01/09 18:09:28 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/04/15 12:22:36 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/04/15 12:22:23 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/02/17 04:11:59 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/02/16 04:13:35 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/01/18 16:58:08 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2006/07/02 10:58:43 | 000,010,240 | ---- | C] () -- C:\WINDOWS\ZServ.dll
[2005/09/10 15:37:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/10 15:01:51 | 000,013,568 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/09/10 15:01:42 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/09/10 14:58:38 | 000,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/09/10 14:52:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/10 14:33:03 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/09/10 14:12:05 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/09/10 14:05:08 | 000,138,945 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/09/10 14:05:08 | 000,075,418 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/09/10 13:51:28 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/09/10 13:47:00 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/09/10 13:47:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/09/10 13:46:17 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/05/10 01:52:32 | 000,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2005/04/29 16:42:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/06/16 00:38:02 | 000,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 00:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
< End of report >

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by angrydragon on Sat 21 Aug 2010, 2:51 pm

Any problems with the OTL, or should I proceed with securing his computer with anti-virus and malware software? Thanks.

angrydragon

Newbie Surfer
Newbie Surfer

Posts : 22
Joined : 2010-08-16
Operating System : Windows XP

View user profile

Back to top Go down

Re: Trouble accessing internet

Post by Sneakyone on Sat 21 Aug 2010, 2:59 pm

Hi.

Please go to Kaspersky website and perform an online antivirus scan.

  1. Read through the requirements and privacy statement and click on Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.


  • I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: Trouble accessing internet

    Post by angrydragon on Sun 22 Aug 2010, 1:15 am

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Saturday, August 21, 2010
    Operating system: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Friday, August 20, 2010 22:22:39
    Records in database: 4130136
    --------------------------------------------------------------------------------

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\

    Scan statistics:
    Objects scanned: 100263
    Threats found: 4
    Infected objects found: 5
    Suspicious objects found: 0
    Scan duration: 08:43:58


    File name / Threat / Threats count
    C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\23\48407157-1d44e63b Infected: Trojan-Downloader.Java.OpenStream.ac 1
    C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\43\76fe1dab-2a305f93 Infected: Exploit.Java.Agent.f 1
    C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\43\76fe1dab-2a305f93 Infected: Trojan-Downloader.Java.Agent.ak 1
    C:\hp\bin\wbug\HPSummer2005.exe Infected: not-a-virus:AdWare.Win32.MyWay.j 1
    D:\I386\Apps\APP31789\src\HPSummer2005.exe Infected: not-a-virus:AdWare.Win32.MyWay.j 1

    Selected area has been scanned.

    angrydragon

    Newbie Surfer
    Newbie Surfer

    Posts : 22
    Joined : 2010-08-16
    Operating System : Windows XP

    View user profile

    Back to top Go down

    Re: Trouble accessing internet

    Post by Sneakyone on Sun 22 Aug 2010, 4:41 am

    Hi.

    Please run OTL.exe.

    • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      Code:

      :Files
      C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\23\48407157-1d44e63b
      C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\43\76fe1dab-2a305f93


      :commands
      [emptytemp]
      [emptyflash]
      [resethosts]
      [reboot]

    • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

    • Click the red Run Fix button.
    • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTL.exe

    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


    I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: Trouble accessing internet

    Post by angrydragon on Sun 22 Aug 2010, 5:13 am

    I still got that "AppleSyncNotifier" error message after reboot/start-up. Like I said, it doesn't seem to affect performance after you close it/select "Ok". So, if it's not a big deal and there aren't any more scans to run, I can start with the anti-virus stuff. Thanks again for all your help. Here's the log:



    All processes killed
    ========== FILES ==========
    C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\23\48407157-1d44e63b moved successfully.
    C:\Documents and Settings\HP_Owner\Application Data\Sun\Java\Deployment\cache\6.0\43\76fe1dab-2a305f93 moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 18714 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: HP_Owner
    ->Temp folder emptied: 106946369 bytes
    ->Temporary Internet Files folder emptied: 157667598 bytes
    ->Java cache emptied: 9413598 bytes
    ->Apple Safari cache emptied: 14336 bytes
    ->Flash cache emptied: 2292007 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 16786 bytes

    User: NetworkService
    ->Temp folder emptied: 5188 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 3345648 bytes
    %systemroot%\System32 .tmp files removed: 2577 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 3283792 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 47210 bytes

    Total Files Cleaned = 270.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: HP_Owner
    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    angrydragon

    Newbie Surfer
    Newbie Surfer

    Posts : 22
    Joined : 2010-08-16
    Operating System : Windows XP

    View user profile

    Back to top Go down

    Re: Trouble accessing internet

    Post by Sneakyone on Sun 22 Aug 2010, 5:28 am

    Hi.

    All the malware has been removed, as for that error nothing useful comes up in a simple google search, I recommend posting in Apple's forums to prevent any issues with songs because I don't want to mess anything up.

    [You must be registered and logged in to see this link.]

    =========

    Your computer is now clean. Now, time to remove the tools used, and update your computer to prevent vulnerability.

    Updating System Restore
    Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
    • Select Start > All Programs > Accessories > System tools > System Restore.
    • On the dialogue box that appears select Create a Restore Point
    • Click NEXT
    • Enter a name e.g. Clean
    • Click CREATE.


    You now have a clean restore point.

    To get rid of the bad ones:
    • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
    • In the Drop down box that appears select your main drive e.g. C
    • Click OK
    • The System will do a calculation of temporary/old files, and then display a dialogue box.
    • Select the More Options Tab.
    • At the bottom will be a System Restore box with a CLEANUP button click this
    • Accept the Warning and select OK again, the program will close and you are done.


    ========

    Removing the tools
    Now, to remove all of the tools we used and the files and folders they created, please do the following:

    Download OTC.exe by OldTimer:
    • Save it to your Desktop.
    • Double click OTC.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
      Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.


    ============

    Service Pack upgrade
    Please consider upgrading to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

    More info about SP3: [You must be registered and logged in to see this link.]

    =====

    Update Programs
    Please download the newest version of Adobe Acrobat Reader from Adobe.com

    Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
    Go to the Control Panel and enter Add or Remove Programs.
    Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

    Once old versions are gone, please install the newest version.



    Please download the newest version of Java from Java.com.

    Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
    Go to the Control Panel and enter Add or Remove Programs.
    Search in the list for all previous installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

    Once old versions are gone, please install the newest version.

    ========

    Here are some prevention tips I have provided:

    1. Don't download files from untrusted websites or websites that seem suspious.

    2. Don't use torrents they are a good way to get lots of malware.

    3. Don't download and use cracks/warez/keygens they are illegal and are another good way to contract malware.

    4. Disable autorun XP or Vista/7

    5. Always make sure you have the latest Windows updates. windowsupdate.microsoft.com

    6. Don't ever click on the links inside of a popup.

    7. Make sure you know what you install you can make sure it is not know for being a virus by just simply searching about it on google.

    8. Use a Site Advisor so you don't go to sites that will infect you. Mcafee Siteadvisor

    9. Also there are many holes and flaws in Internet Explorer I recommend using Firefox 3 to keep you more safe.

    10. Always keep your Java and Adobe updated.

    11. Don't fall for the Scareware. What is Scareware? it is a website made to download a rogue Antivirus on your system that will scare you into buying their fake software due to false detections.

    12. Always have a Firewall and a Antivirus.

    Thanks for choosing GeekPolice, see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?

    For more information please visit [You must be registered and logged in to see this link.]


    I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: Trouble accessing internet

    Post by angrydragon on Sun 22 Aug 2010, 6:03 am

    Great, thanks a million, Sneakyone!

    angrydragon

    Newbie Surfer
    Newbie Surfer

    Posts : 22
    Joined : 2010-08-16
    Operating System : Windows XP

    View user profile

    Back to top Go down

    Re: Trouble accessing internet

    Post by Sneakyone on Sun 22 Aug 2010, 9:46 am

    You're welcome, glad to help.


    I'm livin' life in the fast lane.


    Sneakyone

    Tech Officer
    Tech Officer

    Posts : 2707
    Joined : 2010-01-10
    Operating System : Windows 7 Ultimate 64-bit

    View user profile http://twitter.com/AVerySneakyone

    Back to top Go down

    Re: Trouble accessing internet

    Post by Sponsored content Today at 7:38 am


    Sponsored content


    Back to top Go down

    View previous topic View next topic Back to top


     
    Permissions in this forum:
    You cannot reply to topics in this forum