Please help Win32/Genetik Trojan

December 13, 2009 at 18:43:16
Specs: Windows XP
Please help me with this trojan. A window from NOD32 pops up and says that I have this trojan in my memory: "win32/genetik trojan", name http://fongfeifei.com.cn/images/aa.jpg

NOD32 cannot treat it and pops up a warning every day. I don't want to format or install a new Windows T-T




#1
December 13, 2009 at 18:59:59
Please run RSIT.exe by random/random and post its logs.

Download random's system information tool (RSIT) by random/random from the following link and save it to your desktop.

RSIT.exe

1. Double click on RSIT.exe to launch program.
2. (Vista Users Only) Right click on the RSIT.exe icon and select "Run as Administrator" to run the program.
3. Click Continue at the disclaimer screen.
4. Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
5. Once it has finished, two logs will open: log.txt <-- this will be maximized, and info.txt <-- this will be minimized. Both logs will be located at C:\RSIT.exe.

Please post the contents of both logs (in separate posts) in your next reply. It may take 3 to 4 posts to get the entire log to us.

Download Gmer.exe from the following link.

Link1

1. Disconnect from the Internet and close all running programs.
2. Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
3. Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
4. Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
5. GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
6. If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
7. Now click the Scan button. If you see a rootkit warning window, click OK.
8. When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
9. Click the Copy button and paste the results into your next reply.
• Exit GMER and re-enable all active protection when done.



#2
December 13, 2009 at 20:07:18
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-12-14 11:07:43
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 116 GB (77%) free of 150 GB
Total RAM: 2046 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:52 AM, on 12/14/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Trackerx90\Anti Removable Disk Virus (ARDV) by Trackerx90\ardv32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Lexmark Applications\QLink\QLINK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.th/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [protect_autorun] C:\Documents and Settings\Owner\My Documents\My Received Files\CPE17 Autorun Killer (AntiAutorun) v.1.7.1 build 1325.exe /start
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ARDV.lnk = C:\Program Files\Trackerx90\Anti Removable Disk Virus (ARDV) by Trackerx90\ardv32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QLINK.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd....
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?4431b2908afb434daa8895c3709fcf26
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?4431b2908afb434daa8895c3709fcf26
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/Sl...
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://secure1.playpark.com/playpark/refill2/nProtect/KeyCrypt/npkcx.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 11176 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-03-11 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-20 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-17 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-10-30 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-17 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-17 259696]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-20 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-02-23 1032192]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-09-27 854536]
"AzMixerSel"=C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [2006-07-18 53248]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-10 17021440]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-30 13553664]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-30 86016]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2009-03-21 3670528]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-03-21 949376]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-12-15 49152]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-04-11 37888]
"protect_autorun"=C:\Documents and Settings\Owner\My Documents\My Received Files\CPE17 Autorun Killer (AntiAutorun) v.1.7.1 build 1325.exe [2009-11-09 139264]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2009-10-17 1070984]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-03-11 24095528]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-14 68856]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
ARDV.lnk - C:\Program Files\Trackerx90\Anti Removable Disk Virus (ARDV) by Trackerx90\ardv32.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
QLINK.lnk - C:\Program Files\Lexmark Applications\QLink\QLINK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2009-03-21 3192320]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\PlayPark\T3Entertainment\AuditionTH\patcher.exe"="C:\PlayPark\T3Entertainment\AuditionTH\patcher.exe:*:Enabled:Audition Client Patcher"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2009-12-14 11:07:43 ----D---- C:\rsit
2009-12-14 11:07:43 ----D---- C:\Program Files\trend micro
2009-12-14 10:52:59 ----A---- C:\xwp2gb0h.exe
2009-12-11 17:28:13 ----D---- C:\Program Files\GPLGS
2009-12-11 17:24:27 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-12-11 17:24:19 ----D---- C:\Program Files\Acro Software
2009-12-10 23:31:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-10 23:30:58 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-10 08:57:53 ----D---- C:\Program Files\TrendMicro
2009-12-09 23:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 23:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 23:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-09 09:31:04 ----A---- C:\WINDOWS\system32\ztvunrar36.dll
2009-12-09 09:31:04 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2009-12-09 09:31:04 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2009-12-09 09:31:04 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2009-12-09 09:31:04 ----A---- C:\WINDOWS\system32\unacev2.dll
2009-12-09 09:30:48 ----D---- C:\Program Files\Trojan Remover
2009-12-09 09:30:48 ----D---- C:\Documents and Settings\Owner\Application Data\Simply Super Software
2009-12-09 09:30:48 ----D---- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2009-12-04 17:08:21 ----D---- C:\LovEZaCluB
2009-12-04 13:03:55 ----A---- C:\WINDOWS\system32\CNMVS78.DLL
2009-12-04 13:03:55 ----A---- C:\WINDOWS\system32\CNMLM78.DLL
2009-12-04 13:03:50 ----A---- C:\WINDOWS\system32\CNMCP78.exe
2009-12-04 13:03:49 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2009-12-04 13:01:50 ----D---- C:\iP4200
2009-12-04 13:01:42 ----A---- C:\ip4200xp190bus.exe
2009-12-03 19:49:20 ----A---- C:\WINDOWS\system32\NhjydhH.dll
2009-11-25 23:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 23:33:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-23 20:06:08 ----A---- C:\WINDOWS\system32\engine02.dll
2009-11-23 20:06:08 ----A---- C:\WINDOWS\system32\engine01.dll
2009-11-16 16:34:21 ----D---- C:\Documents and Settings\Owner\Application Data\Media Player Classic
2009-11-16 16:32:00 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-11-16 16:32:00 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-11-16 16:32:00 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-11-16 16:32:00 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-11-16 16:31:58 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-16 16:31:57 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-16 16:31:51 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-16 16:31:51 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-16 16:31:51 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-16 16:31:48 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-11-16 16:31:48 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-11-16 16:31:41 ----A---- C:\WINDOWS\system32\divx.dll
2009-11-16 16:31:39 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-16 16:31:39 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-16 16:31:36 ----D---- C:\Program Files\K-Lite Codec Pack

======List of files/folders modified in the last 1 months======

2009-12-14 11:07:50 ----D---- C:\WINDOWS\Prefetch
2009-12-14 11:07:48 ----D---- C:\WINDOWS\Temp
2009-12-14 11:07:43 ----RD---- C:\Program Files
2009-12-14 11:06:13 ----D---- C:\Documents and Settings\Owner\Application Data\Skype
2009-12-14 10:00:31 ----D---- C:\WINDOWS\system32\wbem
2009-12-14 10:00:31 ----D---- C:\WINDOWS\system32
2009-12-14 10:00:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-14 08:09:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-14 08:09:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-13 01:16:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-12 22:14:58 ----D---- C:\WINDOWS\system32\drivers
2009-12-12 21:40:37 ----D---- C:\Program Files\ESET
2009-12-11 19:53:37 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-11 17:37:01 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-11 17:36:28 ----SHD---- C:\WINDOWS\Installer
2009-12-11 17:36:28 ----HD---- C:\Config.Msi
2009-12-11 17:36:03 ----D---- C:\Program Files\Common Files\Adobe
2009-12-11 17:35:44 ----D---- C:\Program Files\Adobe
2009-12-11 17:14:03 ----RSD---- C:\WINDOWS\Fonts
2009-12-11 16:28:41 ----D---- C:\Documents and Settings\Owner\Application Data\AdobeUM
2009-12-11 08:04:23 ----D---- C:\WINDOWS
2009-12-10 23:31:33 ----HD---- C:\WINDOWS\inf
2009-12-10 23:31:26 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-10 23:31:06 ----A---- C:\WINDOWS\imsins.BAK
2009-12-10 08:57:54 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-12-09 23:45:40 ----D---- C:\Program Files\Internet Explorer
2009-12-09 14:24:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-06 20:44:33 ----D---- C:\Program Files\WinRAR
2009-12-06 20:44:33 ----D---- C:\Program Files\Windows NT
2009-12-06 20:44:33 ----D---- C:\Program Files\Windows Media Player
2009-12-06 20:44:32 ----D---- C:\Program Files\Winamp Toolbar
2009-12-06 20:44:32 ----D---- C:\Program Files\Winamp
2009-12-06 20:44:31 ----D---- C:\Program Files\Total Video Converter
2009-12-06 20:44:26 ----D---- C:\Program Files\Outlook Express
2009-12-06 20:44:25 ----D---- C:\Program Files\NetMeeting
2009-12-06 20:44:25 ----D---- C:\Program Files\Movie Maker
2009-12-06 20:44:25 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-12-06 20:44:24 ----D---- C:\Program Files\Messenger
2009-12-06 20:44:23 ----D---- C:\Program Files\Launch Manager
2009-12-06 20:44:10 ----D---- C:\Program Files\AuBot6.0
2009-12-06 20:44:07 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint
2009-12-06 20:44:04 ----D---- C:\Fraps
2009-12-03 19:25:59 ----D---- C:\Program Files\4TH Network
2009-11-26 17:37:44 ----D---- C:\WINDOWS\WinSxS
2009-11-22 20:31:00 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-15 01:50:56 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-03-21 15424]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-03-21 512096]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 Int15;Int 15; \??\C:\WINDOWS\System32\drivers\int15.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-11-06 879528]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-09 16896]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2008-03-26 985472]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2008-03-26 210560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-14 4879360]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-08-25 37376]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit ; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-05-21 3630336]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-30 6621408]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2008-09-25 41376]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-02-23 222400]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2006-02-28 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2008-03-26 731264]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-11-06 539576]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-06-30 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-04-01 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-03-23 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-08-28 74656]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2008-09-10 99216]
S3 MSPCT;MSPCT; \??\C:\WINDOWS\system32\kbmB.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2006-02-28 67584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Serial emulation modem driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-11-01 264800]
R2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2009-03-21 3598848]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-03-21 552064]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-30 168004]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-17 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-27 2825429]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------



#3
December 13, 2009 at 20:08:15
info.txt logfile of random's system information tool 1.06 2009-12-14 11:07:54

======Uninstall list======

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F651C08B-D29D-429D-9EA9-8FAED1D3DB87}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
ACDSee Pro 2-->MsiExec.exe /I{4AAC95F4-A30E-4EE5-A086-6F79581D0D70}
Acer Bio Protection
AAA 6.0.00.17-->"C:\Program Files\Acer\Acer Bio Protection\uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Advance Typing 2 + Game-->C:\WINDOWS\ST5UNST.EXE -n "C:\Program Files\Advance Typing 2 + Game\ST5UNST.LOG"
AIMP2-->C:\Program Files\AIMP2\UnInstall.exe
Anti Removable Disk Virus (ARDV) by Trackerx90-->MsiExec.exe /X{FB3BFBE2-8AF5-4C6B-8B00-ED87F1E7C6EC}
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
Audition-->"C:\Program Files\InstallShield Installation Information\{4A5A550D-1C7A-4D49-B4D2-003320AD4E7E}\setup.exe" -runfromtemp -l0x001e -removeonly
Canon iP4200-->C:\WINDOWS\system32\CNMCP78.exe "-PRINTERNAMECanon iP4200" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
Form Fill (Windows Live Toolbar)-->MsiExec.exe /X{F5AF5CDA-76FC-4794-9F28-09B6D54E7431}
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IAcZUnM5k.INF
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
HP Extended Capabilities 6.1-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 6.1-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center and Imaging Support Tools 6.1-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
In The Groove (remove only)-->"C:\Program Files\In The Groove\uninstall.exe"
JMicron JMB38X Flash Media Controller-->"C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Mega Codec Pack 5.4.4-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Lexmark Software Uninstall-->C:\Program Files\Lexmark_HostCD\Install\x86\Uninstall.exe
Map Button (Windows Live Toolbar)-->MsiExec.exe /X{ECDA9BD9-A54E-462A-8191-A2B569D9AB34}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2003 Thai User Interface Pack-->MsiExec.exe /I{901E041E-6000-11D3-8CFE-0150048383C9}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0409-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Nero 7 Micro 7.9.6.0-->"C:\Program Files\Nero\unins000.exe"
NOD32 antivirus system-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{DF821FC5-C198-452B-A0D4-82433EFEAE9B}
Pangya_Th (NtreevSoft)-->C:\Program Files\NtreevSoft\Pangya_Th\uninstall.exe
Popup Blocker (Windows Live Toolbar)-->MsiExec.exe /X{117CD9C0-0F15-4633-93D7-F957B50535A5}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Presto! PageManager 7.12.03-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}\setup.exe" -l0x9 -anything
QLink-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{880A0DCF-E8C2-11D9-AAFD-0050BA1ACA6F}\setup.exe"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype? 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{95FC661A-A0C5-4B18-92CE-90347DA79CC9}
StepMania (remove only)-->"C:\Program Files\StepMania\uninstall.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Tabbed Browsing (Windows Live Toolbar)-->MsiExec.exe /X{1707BF02-0F5C-4A6C-8F17-053BB73E443F}
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
Thai Translator Tool-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\ThaiToEnglish\ST6UNST.LOG"
ThaiToEnglish-->"C:\Program Files\ThaiToEnglish\unins000.exe"
Total Video Converter 3.10-->"C:\Program Files\Total Video Converter\unins000.exe"
Trojan Remover 6.8.1-->"C:\Program Files\Trojan Remover\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update for Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
We Dancing Online 1.00-->C:\Program Files\TOT\We Dancing Online\Uninstall.exe
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Winamp Toolbar-->"C:\Program Files\Winamp Toolbar\uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live Family Safety-->MsiExec.exe /X{139E303E-1050-497F-98B1-9AE87B15C463}
Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Outlook Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{A40D6757-B145-4FE7-B694-89180A9F3F64}
Windows Live Photo Gallery-->MsiExec.exe /X{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}
Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{3727B920-F5A3-46A4-AC02-94F421A039C7}
Windows Live Toolbar Feed Detector (Windows Live Toolbar)-->MsiExec.exe /X{38024121-D084-4E7D-B1A2-1A04CB5C4CF3}
Windows Live Toolbar-->MsiExec.exe /X{995F1E2E-F542-4310-8E1D-9926F5A279B3}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: ESET NOD32 antivirus system 2.70

======System event log======

Computer Name: ACER-61A8023B7A
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 336703
Source Name: Service Control Manager
Time Written: 20091211171448.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 336700
Source Name: Service Control Manager
Time Written: 20091211171448.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 336697
Source Name: Service Control Manager
Time Written: 20091211171448.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 7023
Message: The Application Management service terminated with the following error:
The specified module could not be found.


Record Number: 336694
Source Name: Service Control Manager
Time Written: 20091211171448.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 6161
Message: The document Quotation-Green 09.xls owned by Owner failed to print on printer PageManager PDF Writer. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\ACER-61A8023B7A. Win32 error code returned by the print processor: 0 (0x0).

Record Number: 336654
Source Name: Print
Time Written: 20091211170106.000000+420
Event Type: error
User: ACER-61A8023B7A\Owner

=====Application event log=====

Computer Name: ACER-61A8023B7A
Event Code: 1000
Message: Faulting application iexplore.exe, version 6.0.2900.2180, faulting module mshtml.dll, version 6.0.2900.3562, fault address 0x0023becd.

Record Number: 3921
Source Name: Application Error
Time Written: 20090706150016.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 1000
Message: Faulting application acrobat.exe, version 6.0.0.878, faulting module msvcrt.dll, version 7.0.2600.2180, fault address 0x000370d0.

Record Number: 3920
Source Name: Application Error
Time Written: 20090706090324.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 1000
Message: Faulting application winamp.exe, version 5.5.5.2435, faulting module ml_bookmarks.dll, version 0.0.0.0, fault address 0x000012d3.

Record Number: 3919
Source Name: Application Error
Time Written: 20090706090206.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 1000
Message: Faulting application iexplore.exe, version 6.0.2900.2180, faulting module flash10b.ocx, version 10.0.22.87, fault address 0x0021aa4b.

Record Number: 3910
Source Name: Application Error
Time Written: 20090705170122.000000+420
Event Type: error
User:

Computer Name: ACER-61A8023B7A
Event Code: 1000
Message: Faulting application excel.exe, version 11.0.8307.0, stamp 49ee85df, faulting module excel.exe, version 11.0.8307.0, stamp 49ee85df, debug? 0, fault address 0x004d3703.

Record Number: 3909
Source Name: Microsoft Office 11
Time Written: 20090705143447.000000+420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------



#4
December 13, 2009 at 21:54:16
GMER 1.0.15.15279 - http://www.gmer.net
Rootkit scan 2009-12-14 12:56:26
Windows 5.1.2600 Service Pack 2
Running: xwp2gb0h.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\fwdyrfoc.sys


---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9063360, 0x38908D, 0xE8000020]
.text C:\WINDOWS\system32\drivers\oreans32.sys section is writeable [0xBA9F8280, 0x7B1C, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Windows Live\Toolbar\wltuser.exe[804] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe[1240] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!CreateWindowExW 77D51AD5 5 Bytes JMP 3E2ED6EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!DialogBoxParamW 77D56702 5 Bytes JMP 3E21541D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!DialogBoxParamA 77D588E1 5 Bytes JMP 3E3E43BC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!DialogBoxIndirectParamW 77D62598 5 Bytes JMP 3E3E441F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!MessageBoxIndirectA 77D6AEF1 5 Bytes JMP 3E3E4351 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!MessageBoxExW 77D80559 5 Bytes JMP 3E3E4222 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!MessageBoxExA 77D8057D 5 Bytes JMP 3E3E4284 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!DialogBoxIndirectParamA 77D86CED 5 Bytes JMP 3E3E4482 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] USER32.dll!MessageBoxIndirectW 77D960B7 5 Bytes JMP 3E3E42E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text C:\Program Files\Internet Explorer\iexplore.exe[1652] ws2_32.dll!send 71AB428A 5 Bytes JMP 10007C61
.text C:\Program Files\Windows Live\Contacts\wlcomm.exe[1684] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[2404] ws2_32.dll!connect 71AB406A 5 Bytes JMP 00857BAC
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[2980] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[3088] WS2_32.dll!connect 71AB406A 5 Bytes JMP 003D7BAC
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3148] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10007BAC
.text ...
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!CallNextHookEx 77D4ED6E 5 Bytes JMP 3E2DCEE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!CreateWindowExW 77D51AD5 5 Bytes JMP 3E2ED6EC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!DialogBoxParamW 77D56702 5 Bytes JMP 3E21541D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!DialogBoxParamA 77D588E1 5 Bytes JMP 3E3E43BC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!DialogBoxIndirectParamW 77D62598 5 Bytes JMP 3E3E441F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!MessageBoxIndirectA 77D6AEF1 5 Bytes JMP 3E3E4351 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 3E2E9865 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 3E254602 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!MessageBoxExW 77D80559 5 Bytes JMP 3E3E4222 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!MessageBoxExA 77D8057D 5 Bytes JMP 3E3E4284 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!DialogBoxIndirectParamA 77D86CED 5 Bytes JMP 3E3E4482 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] USER32.dll!MessageBoxIndirectW 77D960B7 5 Bytes JMP 3E3E42E6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ole32.dll!OleLoadFromStream 77518C62 5 Bytes JMP 3E3E47A0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ole32.dll!CoCreateInstance 77526009 5 Bytes JMP 3E2ED748 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 46CAE71D C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!socket 71AB3B91 5 Bytes JMP 46CAE59E C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!connect 71AB406A 5 Bytes JMP 46CAE62A C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!send 71AB428A 5 Bytes JMP 46CAE9ED C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!recv 71AB615A 5 Bytes JMP 46CAF1C3 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3816] ws2_32.dll!closesocket 71AB9639 5 Bytes JMP 46CAEEE9 C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll (Microsoft Search Note/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Internet Explorer\iexplore.exe[3816] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)

---- Processes - GMER 1.0.15 ----

Library (*** hidden *** ) @ C:\Program Files\Windows Live\Toolbar\wltuser.exe [804] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Toolbar\wltuser.exe [804] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Toolbar\wltuser.exe [804] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [1240] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [1240] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [1240] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [1652] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [1652] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [1652] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Contacts\wlcomm.exe [1684] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Contacts\wlcomm.exe [1684] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Contacts\wlcomm.exe [1684] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [2404] 0x00850000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [2404] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [2404] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2980] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2980] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2980] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [3088] 0x003D0000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [3088] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [3088] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3148] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3148] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [3148] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\Lexmark Applications\QLink\QLINK.EXE [3160] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Lexmark Applications\QLink\QLINK.EXE [3160] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Lexmark Applications\QLink\QLINK.EXE [3160] 0x74D90000
Library (*** hidden *** ) @ C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE [3432] 0x00370000
Library (*** hidden *** ) @ C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE [3432] 0x629C0000
Library (*** hidden *** ) @ C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE [3432] 0x74D90000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3816] 0x629C0000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3816] 0x10000000
Library (*** hidden *** ) @ C:\Program Files\Internet Explorer\iexplore.exe [3816] 0x74D90000

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{08d6b1ad-afd6-42e7-92da-589635356acf}@Model 158
Reg HKLM\SOFTWARE\Classes\CLSID\{08d6b1ad-afd6-42e7-92da-589635356acf}@Therad 7
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo@FriendlyName Indeo? video 5.10 Compression Filter
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo@CLSID {1F73E9B1-8C3A-11D0-A3BE-00A0C9244436}
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo@FilterData 0x02 0x00 0x00 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{33D9A760-90C8-11d0-BD43-00A0C911CE86}\Instance\Indeo@EncoderType 1
Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0x1F 0x38 0x32 0x76 ...

---- EOF - GMER 1.0.15 ----



#5
December 15, 2009 at 03:36:26
Please go to Virus Total and upload the following file for analysis:

C:\xwp2gb0h.exe

Use the browse button at the site to find the file. Once you find the file, double-click it and it should appear in the empty space to the left of the browse button, then click "send file".

Post the results in your reply.



#6
December 15, 2009 at 05:33:05
File gmer.exe received on 2009.12.15 13:07:09 (UTC)
Current status: finished

Result: 0/41 (0.00%)
Antivirus Version Last Update Result
a-squared 4.5.0.43 2009.12.15 -
AhnLab-V3 5.0.0.2 2009.12.15 -
AntiVir 7.9.1.108 2009.12.15 -
Antiy-AVL 2.0.3.7 2009.12.15 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.15 -
AVG 8.5.0.427 2009.12.15 -
BitDefender 7.2 2009.12.15 -
CAT-QuickHeal 10.00 2009.12.15 -
ClamAV 0.94.1 2009.12.15 -
Comodo 3252 2009.12.15 -
DrWeb 5.0.0.12182 2009.12.15 -
eSafe 7.0.17.0 2009.12.14 -
eTrust-Vet 35.1.7176 2009.12.15 -
F-Prot 4.5.1.85 2009.12.15 -
F-Secure 9.0.15370.0 2009.12.15 -
Fortinet 4.0.14.0 2009.12.15 -
GData 19 2009.12.15 -
Ikarus T3.1.1.74.0 2009.12.15 -
Jiangmin 13.0.900 2009.12.15 -
K7AntiVirus 7.10.920 2009.12.14 -
Kaspersky 7.0.0.125 2009.12.15 -
McAfee 5832 2009.12.14 -
McAfee+Artemis 5832 2009.12.14 -
McAfee-GW-Edition 6.8.5 2009.12.15 -
Microsoft 1.5302 2009.12.15 -
NOD32 4689 2009.12.15 -
Norman 6.04.03 2009.12.15 -
nProtect 2009.1.8.0 2009.12.15 -
Panda 10.0.2.2 2009.12.14 -
PCTools 7.0.3.5 2009.12.15 -
Prevx 3.0 2009.12.15 -
Rising 22.26.01.01 2009.12.15 -
Sophos 4.48.0 2009.12.15 -
Sunbelt 3.2.1858.2 2009.12.15 -
Symantec 1.4.4.12 2009.12.15 -
TheHacker 6.5.0.2.093 2009.12.15 -
TrendMicro 9.100.0.1001 2009.12.15 -
VBA32 3.12.12.0 2009.12.15 -
ViRobot 2009.12.15.2089 2009.12.15 -
VirusBuster 5.0.21.0 2009.12.14 -
Additional information
File size: 292864 bytes
MD5 : a05a5ca70da83038eb07f07e7b03f702
SHA1 : 4fcb159e989f591a3935bc7c0ce5d278a5382f88
SHA256: 3dee487daf2a264ffe02efad61799f563b48ce645770d7de1e12edc2d9259058
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xB3DD0
timedatestamp.....: 0x4B227DC7 (Fri Dec 11 18:13:43 2009)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x6D000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x6E000 0x46000 0x46000 7.93 758e194b70c2823402d31acf3edb8064
.rsrc 0xB4000 0x2000 0x1400 3.39 8ba90960134acc94bf5ccbf546189a41

( 1 imports )

> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess

( 0 exports )

TrID : File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
ssdeep: 6144:+N+1T4+dtnoWlTQpORsvM5wA/uCqPmIJ/e7Dx/XKJMLVn03JbY:g+1VoWl/Sv+/cf+9/XQMLV03
PEiD : -
packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch
packers (F-Prot): UPX
RDS : NSRL Reference Data Set
-



#7
December 16, 2009 at 20:18:10
Please run the BitDefender online scan at this link:
Bitdefender Online Scanner

Click "I Agree" to agree to the EULA.
Allow the ActiveX control to install when prompted.
Click "Click here to scan" to begin the scan.
Please refrain from using the computer until the scan is finished. This might take a while to run, but it is important that nothing else is running while you scan.
When the scan is finished, click on "Click here to export the scan results".
Save the report to your desktop so you can post it in your next reply.



#8
December 17, 2009 at 02:26:07
BitDefender Online Scanner

Scan report generated at: Thu, Dec 17, 2009 - 14:07:51

Scan path: C:\;D:\;E:\;

Statistics

Time: 01:10:19
Files: 331893
Folders: 5585
Boot Sectors: 0
Archives: 25126
Packed Files: 20948

Results

Identified Viruses: 11
Infected Files: 319
Suspect Files: 1
Warnings: 0
Disinfected: 0
Deleted Files: 311

Engines Info

Virus Definitions: 4735426
Engine build: AVCORE v2.1 Windows/i386 11.0.0.26 (Oct 20 2009)
Scan plugins: 17
Archive plugins: 44
Unpack plugins: 8
E-mail plugins: 6
System plugins: 4

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes




Scanned File
Status

C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\Lpk.dll
Deleted

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940 =>[Subject: GREEN EQUIPMENT SDN BHD-QUOTATION 3094][D
Suspected of: Trojan.Exploit.Iframe.D

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940 =>[Subject: GREEN EQUIPMENT SDN BHD-QUOTATION 3094][D
Disinfection failed

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940 =>[Subject: GREEN EQUIPMENT SDN BHD-QUOTATION 3094][D 3094][D
Deleted

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940 =>[Subject: GREEN EQUIPMENT SDN BHD-QUOTATION 3094][D
Updated

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940 =>[Subject: GREEN EQUIPMENT SDN BHD-QUOTATION 3094][D
Updated

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx=>(message 112): GREEN EQUIPMENT SDN BHD-QUOTATION 30940
Updated

C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{4ECA2086-9B56-4EE9-B17E-9AA21953A8B7}\Microsoft\Outlook Express\Vendor.dbx
Updated

C:\Documents and Settings\Owner\Local Settings\Temp\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\Local Settings\Temp\Lpk.dll
Deleted

C:\Documents and Settings\Owner\Local Settings\Temp\Rar$EX00.672\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\Local Settings\Temp\Rar$EX00.672\Usp10.dll
Deleted

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\456FS5QV\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\456FS5QV\Usp10.dll
Deleted

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M3BZU5QY\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\M3BZU5QY\Usp10.dll
Deleted

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WDUFC9A3\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WDUFC9A3\Lpk.dll
Deleted

C:\Documents and Settings\Owner\My Documents\Downloads\Programs\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\Downloads\Programs\Lpk.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar=>4th modz extendedz\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar=>4th modz extendedz\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\CPE17 Autorun Killer (AntiAutorun) v.1.7.1 build 1325.exe
Infected with: Trojan.Generic.1794605

C:\Documents and Settings\Owner\My Documents\My Received Files\CPE17 Autorun Killer (AntiAutorun) v.1.7.1 build 1325.exe
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar=>perfect special 1.0 full\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar=>perfect special 1.0 full\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar=>snidz cyber pg 6.0\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar=>snidz cyber pg 6.0\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Infected with: Trojan.Generic.2735644

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Infected with: Gen:Trojan.Heur.GM.0008070824

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\Usp10.dll
Deleted

C:\Fraps\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Fraps\Lpk.dll
Deleted

C:\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Deleted

C:\idm 5_14 build 5.rar
Update failed

C:\iP4200\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\iP4200\Usp10.dll
Deleted

C:\LovEZaCluB\AuLovEZaAgent\Main.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\LovEZaCluB\AuLovEZaAgent\Main.exe
Disinfection failed

C:\LovEZaCluB\AuLovEZaAgent\Main.exe
Deleted

C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\Lpk.dll
Deleted

C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\Lpk.dll
Deleted

C:\PlayPark\T3Entertainment\AuditionTH\HSHIELD\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\PlayPark\T3Entertainment\AuditionTH\HSHIELD\Usp10.dll
Deleted

C:\PlayPark\T3Entertainment\AuditionTH\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\PlayPark\T3Entertainment\AuditionTH\Lpk.dll
Deleted

C:\Program Files\Abbyy FineReader 6.0 Sprint\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Abbyy FineReader 6.0 Sprint\Lpk.dll
Deleted

C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\Lpk.dll
Deleted

C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\Twain\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\Twain\Lpk.dll
Deleted

C:\Program Files\Abbyy FineReader 6.0 Sprint\Support\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Abbyy FineReader 6.0 Sprint\Support\Usp10.dll
Deleted

C:\Program Files\ACD Systems\ACDSee Pro\2.0\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\ACD Systems\ACDSee Pro\2.0\Usp10.dll
Deleted

C:\Program Files\Acer\Acer Bio Protection\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Acer\Acer Bio Protection\Usp10.dll
Deleted

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Lpk.dll
Deleted

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\PaperCapture\Server\Asian\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\PaperCapture\Server\Asian\Lpk.dll
Deleted

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\PaperCapture\Server\Roman\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\PaperCapture\Server\Roman\Lpk.dll
Deleted

C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\Usp10.dll
Deleted

C:\Program Files\Adobe\Acrobat 6.0\Distillr\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Acrobat 6.0\Distillr\Lpk.dll
Deleted

C:\Program Files\Adobe\Adobe Photoshop CS2\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Adobe Photoshop CS2\Lpk.dll
Deleted

C:\Program Files\Adobe\Reader 9.0\Reader\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Reader 9.0\Reader\Lpk.dll
Deleted

C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A92000000001}\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A92000000001}\Lpk.dll
Deleted

C:\Program Files\AuBot6.0\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\AuBot6.0\Usp10.dll
Deleted

C:\Program Files\Common Files\ACD Systems\EN\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\ACD Systems\EN\Usp10.dll
Deleted

C:\Program Files\Common Files\Adobe\ARM\1.0\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Adobe\ARM\1.0\Lpk.dll
Deleted

C:\Program Files\Common Files\Ahead\AudioPlugins\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Ahead\AudioPlugins\Usp10.dll
Deleted

C:\Program Files\Common Files\Ahead\Lib\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Ahead\Lib\Usp10.dll
Deleted

C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\Usp10.dll
Deleted

C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\Usp10.dll
Deleted

C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\Lpk.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\DW\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\DW\Usp10.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\Lpk.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\MSInfo\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\MSInfo\Lpk.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\OFFICE11\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\OFFICE11\Usp10.dll
Delete failed

C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\Smart Tag\Usp10.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\Speech\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\Speech\Lpk.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\Web Components\11\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\Web Components\11\Usp10.dll
Deleted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\Windows Live\Lpk.dll
Deleted

C:\Program Files\Common Files\System\MSMAPI\1033\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\System\MSMAPI\1033\Lpk.dll
Deleted

C:\Program Files\Common Files\System\MSMAPI\1054\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\System\MSMAPI\1054\Usp10.dll
Deleted

C:\Program Files\Common Files\Windows Live\.cache\1570d93c1c9e3e7\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Windows Live\.cache\1570d93c1c9e3e7\Usp10.dll
Deleted

C:\Program Files\CyberLink\PowerDVD\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\CyberLink\PowerDVD\Lpk.dll
Deleted

C:\Program Files\CyberLink\PowerDVD\OLRSubmission\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\CyberLink\PowerDVD\OLRSubmission\Lpk.dll
Deleted

C:\Program Files\CyberLink\Shared files\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\CyberLink\Shared files\Lpk.dll
Deleted

C:\Program Files\ESET\infected\QAOYLLAA.NQF=>(Quarantine-PE)
Infected with: Trojan.Generic.2827788

C:\Program Files\ESET\infected\QAOYLLAA.NQF=>(Quarantine-PE)
Deleted

C:\Program Files\ESET\infected\QAOYLLAA.NQF
Deleted

C:\Program Files\ESET\Install\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\ESET\Install\Lpk.dll
Deleted

C:\Program Files\ESET\Setup\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\ESET\Setup\Lpk.dll
Deleted

C:\Program Files\ESET\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\ESET\Usp10.dll
Deleted

C:\Program Files\Google\Google Toolbar\Component\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Google\Google Toolbar\Component\Usp10.dll
Deleted

C:\Program Files\Google\Google Toolbar\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Google\Google Toolbar\Lpk.dll
Deleted

C:\Program Files\GPLGS\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\GPLGS\Lpk.dll
Deleted

C:\Program Files\HP\Digital Imaging\bin\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\bin\Lpk.dll
Delete failed

C:\Program Files\HP\Digital Imaging\DocProc\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\DocProc\Lpk.dll
Deleted

C:\Program Files\HP\Digital Imaging\Help\cuetour\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\Help\cuetour\Lpk.dll
Deleted

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\Usp10.dll
Deleted

C:\Program Files\HP\Digital Imaging\Unload\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\Unload\Lpk.dll
Deleted

C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\Lpk.dll
Deleted

C:\Program Files\HP\HP Software Update\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\HP Software Update\Usp10.dll
Deleted

C:\Program Files\HP\Photosmart Essential\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Photosmart Essential\Usp10.dll
Deleted

C:\Program Files\HP\Temp\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Temp\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\Lpk.dll
Deleted

C:\Program Files\In The Groove\Program\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\In The Groove\Program\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{4A5A550D-1C7A-4D49-B4D2-003320AD4E7E}\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{4A5A550D-1C7A-4D49-B4D2-003320AD4E7E}\Lpk.dll
Deleted

C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{880A0DCF-E8C2-11D9-AAFD-0050BA1ACA6F}\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{880A0DCF-E8C2-11D9-AAFD-0050BA1ACA6F}\Lpk.dll
Deleted

C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Usp10.dll
Deleted

C:\Program Files\InstallShield Installation Information\{F651C08B-D29D-429D-9EA9-8FAED1D3DB87}\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\InstallShield Installation Information\{F651C08B-D29D-429D-9EA9-8FAED1D3DB87}\Lpk.dll
Deleted

C:\Program Files\Internet Explorer\Connection Wizard\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Internet Explorer\Connection Wizard\Lpk.dll
Deleted

C:\Program Files\Internet Explorer\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Internet Explorer\Usp10.dll
Delete failed

C:\Program Files\K-Lite Codec Pack\Filters\Haali\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\K-Lite Codec Pack\Filters\Haali\Lpk.dll
Deleted

C:\Program Files\K-Lite Codec Pack\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\K-Lite Codec Pack\Lpk.dll
Deleted

C:\Program Files\K-Lite Codec Pack\Media Player Classic\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\K-Lite Codec Pack\Media Player Classic\Lpk.dll
Deleted

C:\Program Files\K-Lite Codec Pack\Real\Update_OB\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\K-Lite Codec Pack\Real\Update_OB\Usp10.dll
Deleted

C:\Program Files\K-Lite Codec Pack\Tools\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\K-Lite Codec Pack\Tools\Lpk.dll
Deleted

C:\Program Files\Launch Manager\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Launch Manager\Lpk.dll
Deleted

C:\Program Files\Lexmark Applications\PageManager\PackExe\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Lexmark Applications\PageManager\PackExe\Lpk.dll
Deleted

C:\Program Files\Lexmark Applications\PageManager\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Lexmark Applications\PageManager\Usp10.dll
Deleted

C:\Program Files\Lexmark Applications\QLink\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Lexmark Applications\QLink\Usp10.dll
Delete failed

C:\Program Files\Lexmark_HostCD\Install\x86\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Lexmark_HostCD\Install\x86\Usp10.dll
Deleted

C:\Program Files\Messenger\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Messenger\Lpk.dll
Deleted

C:\Program Files\Microsoft\Office Live\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft\Office Live\Usp10.dll
Delete failed

C:\Program Files\Microsoft\Search Enhancement Pack\Choice Guard\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft\Search Enhancement Pack\Choice Guard\Lpk.dll
Deleted

C:\Program Files\Microsoft Office\OFFICE11\1033\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Office\OFFICE11\1033\Lpk.dll
Deleted

C:\Program Files\Microsoft Office\OFFICE11\1054\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Office\OFFICE11\1054\Lpk.dll
Deleted

C:\Program Files\Microsoft Office\OFFICE11\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Office\OFFICE11\Lpk.dll
Delete failed

C:\Program Files\Microsoft Office Outlook Connector\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Office Outlook Connector\Usp10.dll
Deleted

C:\Program Files\Microsoft Silverlight\3.0.40818.0\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Silverlight\3.0.40818.0\Lpk.dll
Deleted

C:\Program Files\Movie Maker\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Movie Maker\Usp10.dll
Deleted

C:\Program Files\Nero\Nero Core\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Nero\Nero Core\Usp10.dll
Deleted

C:\Program Files\NetMeeting\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\NetMeeting\Usp10.dll
Deleted

C:\Program Files\NtreevSoft\Pangya_Th\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\NtreevSoft\Pangya_Th\Usp10.dll
Deleted

C:\Program Files\Outlook Express\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Outlook Express\Usp10.dll
Deleted

C:\Program Files\Realtek\Audio\Drivers\WDM\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Realtek\Audio\Drivers\WDM\Usp10.dll
Deleted

C:\Program Files\StepMania\Program\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\StepMania\Program\Usp10.dll
Deleted

C:\Program Files\Synaptics\SynTP\Media\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Synaptics\SynTP\Media\Usp10.dll
Deleted

C:\Program Files\Synaptics\SynTP\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Synaptics\SynTP\Usp10.dll
Deleted

C:\Program Files\TeamViewer\Version4\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\TeamViewer\Version4\Usp10.dll
Deleted

C:\Program Files\TOT\We Dancing Online\codec\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\TOT\We Dancing Online\codec\Usp10.dll
Deleted

C:\Program Files\TOT\We Dancing Online\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\TOT\We Dancing Online\Lpk.dll
Deleted

C:\Program Files\Total Video Converter\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Total Video Converter\Usp10.dll
Deleted

C:\Program Files\Trojan Remover\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Trojan Remover\Usp10.dll
Deleted

C:\Program Files\WIDCOMM\Bluetooth Software\bin\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\WIDCOMM\Bluetooth Software\bin\Lpk.dll
Delete failed

C:\Program Files\WIDCOMM\Bluetooth Software\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\WIDCOMM\Bluetooth Software\Lpk.dll
Delete failed

C:\Program Files\Winamp\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Winamp\Usp10.dll
Deleted

C:\Program Files\Winamp Toolbar\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Winamp Toolbar\Usp10.dll
Deleted

C:\Program Files\Windows Live\Contacts\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Contacts\Usp10.dll
Deleted

C:\Program Files\Windows Live\Family Safety\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Family Safety\Usp10.dll
Deleted

C:\Program Files\Windows Live\Installer\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Installer\Lpk.dll
Deleted

C:\Program Files\Windows Live\Mail\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Mail\Usp10.dll
Deleted

C:\Program Files\Windows Live\Messenger\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Messenger\Usp10.dll
Delete failed

C:\Program Files\Windows Live\Photo Gallery\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Photo Gallery\Lpk.dll
Deleted

C:\Program Files\Windows Live\Sync\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Sync\Usp10.dll
Deleted

C:\Program Files\Windows Live\Toolbar\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Toolbar\Lpk.dll
Delete failed

C:\Program Files\Windows Live\Writer\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Writer\Lpk.dll
Deleted

C:\Program Files\Windows Media Player\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Media Player\Lpk.dll
Deleted

C:\Program Files\Windows NT\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows NT\Lpk.dll
Deleted

C:\Program Files\Windows NT\Pinball\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows NT\Pinball\Usp10.dll
Deleted

C:\Program Files\WinRAR\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Program Files\WinRAR\Usp10.dll
Deleted

Continue Next Page......



#9
December 17, 2009 at 02:37:48
Continue...


C:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dc5350\AuLovEZaAgent\Main.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dc5350\AuLovEZaAgent\Main.exe
Disinfection failed

C:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dc5350\AuLovEZaAgent\Main.exe
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP165\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP165\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP171\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP171\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP172\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP172\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP175\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP175\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP176\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP176\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP178\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP178\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP179\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP179\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP185\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP185\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP187\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP187\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP189\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP189\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP195\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP195\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP197\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP197\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP199\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP199\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP205\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP205\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP206\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP206\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP208\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP208\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP209\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP209\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP217\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP217\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP218\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP218\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP219\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP219\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP220\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP220\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP222\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP222\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP226\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP226\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP227\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP227\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP228\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP228\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP229\A0035194.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP229\A0035194.exe
Disinfection failed

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP229\A0035194.exe
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP229\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP229\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035361.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035361.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035362.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035362.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035440.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\A0035440.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP231\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP232\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP232\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP234\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP234\Usp10.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP237\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP237\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP239\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP239\Lpk.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036546.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036546.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036547.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036547.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036548.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036548.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036549.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036549.exe
Disinfection failed

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036549.exe
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036550.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036550.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036551.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036551.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036552.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036552.dll
Deleted



#10
December 17, 2009 at 02:43:23
Continue...

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036553.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036553.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036554.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036554.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036555.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036555.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036556.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036556.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036557.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036557.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036558.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036558.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036559.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036559.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036560.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036560.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036561.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036561.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036562.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036562.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036563.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036563.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036564.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036564.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036565.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036565.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036566.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036566.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036567.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036567.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036568.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036568.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036569.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036569.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036570.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036570.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036571.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036571.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036572.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036572.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036573.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036573.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036574.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036574.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036575.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036575.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036576.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036576.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036577.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036577.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036578.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036578.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036579.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036579.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036580.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036580.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036581.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036581.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036582.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036582.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036583.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036583.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036584.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036584.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036585.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036585.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036586.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036586.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036587.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036587.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036588.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036588.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036589.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036589.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036590.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036590.dll
Deleted



#11
December 17, 2009 at 02:44:17
Continue...

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036591.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036591.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036592.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036592.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036593.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036593.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036594.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036594.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036595.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036595.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036596.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036596.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036597.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036597.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036598.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036598.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036599.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036599.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036600.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036600.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036601.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036601.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036602.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036602.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036603.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036603.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036604.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036604.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036605.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036605.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036606.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036606.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036607.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036607.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036608.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036608.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036609.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036609.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036610.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036610.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036611.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036611.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036612.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036612.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036613.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036613.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036614.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036614.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036615.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036615.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036616.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036616.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036617.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036617.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036618.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036618.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036619.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036619.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036620.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036620.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036621.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036621.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036622.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036622.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036623.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036623.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036624.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036624.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036625.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036625.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036626.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036626.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036627.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036627.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036628.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036628.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036629.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036629.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036630.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036630.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036631.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036631.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036632.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036632.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036633.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036633.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036634.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036634.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036635.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036635.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036636.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036636.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036637.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036637.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036638.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036638.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036639.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036639.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036640.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036640.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036641.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036641.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036642.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036642.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036643.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036643.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036644.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036644.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036645.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036645.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036646.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036646.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036647.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036647.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036648.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036648.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036649.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036649.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036650.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036650.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036651.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036651.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036652.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036652.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036653.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036653.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036654.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036654.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036655.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036655.exe
Disinfection failed

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036655.exe
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\Lpk.dll
Deleted

C:\WINDOWS\inf\ThuVien.Dll
Infected with: Trojan.Generic.1899777

C:\WINDOWS\inf\ThuVien.Dll
Deleted

C:\WINDOWS\Lpk.dll
Infected with: Trojan.Generic.2827788

C:\WINDOWS\Lpk.dll
Deleted

C:\WINDOWS\pchealth\helpctr\binaries\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\WINDOWS\pchealth\helpctr\binaries\Usp10.dll
Deleted

C:\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Deleted

C:\wlm_9_beta_build.14.0.3921.717.rar
Update failed

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar=>Usp10.dll
Deleted

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar
Update failed

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar=>proxza3[1].4\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar=>proxza3[1].4\Usp10.dll
Deleted

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar
Update failed

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP194\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP194\Usp10.dll
Deleted

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP195\Lpk.dll
Infected with: Trojan.Generic.2827788

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP195\Lpk.dll
Deleted

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP197\Lpk.dll
Infected with: Trojan.Generic.2827788

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP197\Lpk.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th mod.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\4th mod.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th mod.rar
Update failed

D:\~JoEY~\~JoE Gamer\4th_logintools.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\4th_logintools.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th_logintools.rar
Update failed

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>Asnpnet Software 3.85\ThaiGamerHacks\AuditionAgent SoLoving\ControlCenter.exe
Infected with: Trojan.Generic.1834443

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>Asnpnet Software 3.85\ThaiGamerHacks\AuditionAgent SoLoving\ControlCenter.exe
Deleted

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar
Update failed

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>asnpnet software 3.85\thaigamerhacks\auditionagent soloving\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>asnpnet software 3.85\thaigamerhacks\auditionagent soloving\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar
Update failed

D:\~JoEY~\~JoE Gamer\AuBot6.0\Lpk.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\AuBot6.0\Lpk.dll
Deleted

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Disinfection failed

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Deleted

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)
Update failed

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar
Update failed

D:\~JoEY~\~JoE Gamer\nd 1.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\nd 1.7.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\nd 1.7.rar
Update failed

D:\~JoEY~\~JoE Gamer\pro audition_2.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\pro audition_2.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\pro audition_2.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Infected with: Trojan.Generic.2735644

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Infected with: Gen:Trojan.Heur.GM.0008070824

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Disinfection failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\พับจอseas...rar=>พับจอseason2\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\พับจอseas...rar=>พับจอseason2\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\พับจอseas...rar
Update failed

D:\~JoEY~\~Program\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Deleted

D:\~JoEY~\~Program\idm 5_14 build 5.rar
Update failed

D:\~JoEY~\~Program\Program download\switch.zip=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\Program download\switch.zip=>Usp10.dll
Deleted

D:\~JoEY~\~Program\Program download\switch.zip
Updated

D:\~JoEY~\~Program\Program download\total video converter.rar=>total video converter 3.10 + crack\crack\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\Program download\total video converter.rar=>total video converter 3.10 + crack\crack\Usp10.dll
Deleted

D:\~JoEY~\~Program\Program download\total video converter.rar
Update failed

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Deleted

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar
Update failed



#12
December 17, 2009 at 12:26:01
Run the Bitdefender online scan again please.


#13
December 17, 2009 at 21:27:27
BitDefender Online Scanner

Scan report generated at: Fri, Dec 18, 2009 - 12:24:24

Scan path: C:\;D:\;E:\;

Statistics

Time: 01:05:06
Files: 331123
Folders: 5579
Boot Sectors: 0
Archives: 25232
Packed Files: 20825

Results

Identified Viruses: 10
Infected Files: 61
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 61

Engines Info

Virus Definitions: 4743296
Engine build: AVCORE v2.1 Windows/i386 11.0.0.33 (Oct 20 2009)
Scan plugins: 17
Archive plugins: 44
Unpack plugins: 8
E-mail plugins: 6
System plugins: 4

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar=>0000\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar=>0000\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\0000.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar=>4th modz extendedz\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar=>4th modz extendedz\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\4th_modz_extendedz.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Infected with: Gen:Trojan.Heur.GM.100000E120

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>LZSupport.lzz
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\narakv.6.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\nd 1.7.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar=>perfect special 1.0 full\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar=>perfect special 1.0 full\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\perfect_special_1.0_full.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\pro audition_2.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar=>snidz cyber pg 6.0\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar=>snidz cyber pg 6.0\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidz cyber pg 6.0(1).rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Infected with: Trojan.Generic.2735644

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Infected with: Gen:Trojan.Heur.GM.0008070824

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Disinfection failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\snidzcyberpg.rar
Update failed

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar=>Usp10.dll
Deleted

C:\Documents and Settings\Owner\My Documents\My Received Files\teamviewer_setup.rar
Update failed

C:\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Infected with: Trojan.Generic.2827788

C:\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Deleted

C:\idm 5_14 build 5.rar
Update failed

C:\Program Files\Common Files\Microsoft Shared\OFFICE11\Thumbss.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Common Files\Microsoft Shared\OFFICE11\Thumbss.db
Deleted

C:\Program Files\HP\Digital Imaging\bin\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\HP\Digital Imaging\bin\Thumbs.db
Deleted

C:\Program Files\Internet Explorer\Thumbss.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Internet Explorer\Thumbss.db
Deleted

C:\Program Files\Lexmark Applications\QLink\Thumbss.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Lexmark Applications\QLink\Thumbss.db
Deleted

C:\Program Files\Microsoft\Office Live\Thumbss.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft\Office Live\Thumbss.db
Deleted

C:\Program Files\Microsoft Office\OFFICE11\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Microsoft Office\OFFICE11\Thumbs.db
Deleted

C:\Program Files\Outlook Express\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Outlook Express\Thumbs.db
Deleted

C:\Program Files\WIDCOMM\Bluetooth Software\bin\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\WIDCOMM\Bluetooth Software\bin\Thumbs.db
Deleted

C:\Program Files\WIDCOMM\Bluetooth Software\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\WIDCOMM\Bluetooth Software\Thumbs.db
Deleted

C:\Program Files\Windows Live\Messenger\Thumbss.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Messenger\Thumbss.db
Deleted

C:\Program Files\Windows Live\Toolbar\Thumbs.db
Infected with: Trojan.Generic.2827788

C:\Program Files\Windows Live\Toolbar\Thumbs.db
Deleted


Continue next page....


#14
December 17, 2009 at 21:28:29
Continue....


C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036656.Dll
Infected with: Trojan.Generic.1899777

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036656.Dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036657.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036657.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036658.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036658.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036662.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036662.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036663.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036663.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036664.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036664.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036665.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036665.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036666.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036666.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036667.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036667.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036668.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036668.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036669.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036669.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036670.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036670.dll
Deleted

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036671.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036671.dll
Deleted

C:\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

C:\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Deleted

C:\wlm_9_beta_build.14.0.3921.717.rar
Update failed

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar=>Usp10.dll
Deleted

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar
Update failed

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar=>proxza3[1].4\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar=>proxza3[1].4\Usp10.dll
Deleted

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd41.rar
Update failed

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036659.dll
Infected with: Trojan.Generic.2827788

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036659.dll
Deleted

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036660.dll
Infected with: Trojan.Generic.2827788

D:\System Volume Information\_restore{CB4CA826-0AC9-48BE-87F4-57AEDAFBF89A}\RP241\A0036660.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th mod.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\4th mod.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th mod.rar
Update failed

D:\~JoEY~\~JoE Gamer\4th_logintools.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\4th_logintools.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\4th_logintools.rar
Update failed

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>Asnpnet Software 3.85\ThaiGamerHacks\AuditionAgent SoLoving\ControlCenter.exe
Infected with: Trojan.Generic.1834443

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>Asnpnet Software 3.85\ThaiGamerHacks\AuditionAgent SoLoving\ControlCenter.exe
Deleted

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar
Update failed

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>asnpnet software 3.85\thaigamerhacks\auditionagent soloving\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar=>asnpnet software 3.85\thaigamerhacks\auditionagent soloving\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar
Update failed

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Disinfection failed

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Deleted

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)
Update failed

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar=>nd 1.7\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\nd 1.7(1).rar
Update failed

D:\~JoEY~\~JoE Gamer\nd 1.7.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\nd 1.7.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\nd 1.7.rar
Update failed

D:\~JoEY~\~JoE Gamer\pro audition_2.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\pro audition_2.rar=>Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\pro audition_2.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Infected with: Trojan.Generic.2735644

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Infected with: Gen:Trojan.Heur.GM.0008070824

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Disinfection failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar
Update failed

D:\~JoEY~\~JoE Gamer\พับจอseas...rar=>พับจอseason2\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~JoE Gamer\พับจอseas...rar=>พับจอseason2\Usp10.dll
Deleted

D:\~JoEY~\~JoE Gamer\พับจอseas...rar
Update failed

D:\~JoEY~\~Program\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll
Deleted

D:\~JoEY~\~Program\idm 5_14 build 5.rar
Update failed

D:\~JoEY~\~Program\Program download\total video converter.rar=>total video converter 3.10 + crack\crack\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\Program download\total video converter.rar=>total video converter 3.10 + crack\crack\Usp10.dll
Deleted

D:\~JoEY~\~Program\Program download\total video converter.rar
Update failed

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Infected with: Trojan.Generic.2827788

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll
Deleted

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar
Update failed


Report •

#15
December 19, 2009 at 17:22:55
Navigate to and delete these files if found, looks like some are cracks:

C:\wlm_9_beta_build.14.0.3921.717.rar

D:\RECYCLER\S-1-5-21-1547161642-1343024091-839522115-1003\Dd40.rar

D:\~JoEY~\~JoE Gamer\4th mod.rar

D:\~JoEY~\~JoE Gamer\4th_logintools.rar

D:\~JoEY~\~JoE Gamer\asnpnet software 3.85.rar

D:\~JoEY~\~JoE Gamer\AuLovEZaAgent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe

D:\~JoEY~\~JoE Gamer\nd 1.7.rar=>Usp10.dll

D:\~JoEY~\~JoE Gamer\pro audition_2.rar=>Usp10.dll

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\AutoUpdate.exe

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>SNIDzCyberPG\SNIDz Cyber PG.exe

D:\~JoEY~\~JoE Gamer\snidzcyberpg.rar=>snidzcyberpg\Usp10.dll

D:\~JoEY~\~JoE Gamer\พับจอseas...rar=>พับจอseason2\Usp10.dll

D:\~JoEY~\~Program\idm 5_14 build 5.rar=>idm 5.14 build 5\Usp10.dll

D:\~JoEY~\~Program\Program download\total video converter.rar=>total video converter 3.10 + crack\crack\Usp10.dll

D:\~JoEY~\~Program\wlm_9_beta_build.14.0.3921.717.rar=>Usp10.dll

Empty the restore folder. Go to start > control panel > system > system restore tab > check the box beside "turn off system restore" > apply (takes a minute) > ok. Go back and uncheck the box to turn system restore back on > apply > ok.

Next create a new restore point. Go to start > run > type in msconfig > ok > click launch system restore > check the circle beside "create a restore point" > next > name it today's date > create > click home > exit the system configuration utility > restart the computer.

Download ATF Cleaner from this link:
http://www.majorgeeks.com/ATF_Cleaner_d4949.html
Run ATF-Cleaner
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Then post one more Eset scan log please.



Report •
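Added example, not part of the original thread: a Python routine that reduces a scan log in the layout posted above to the on-disk files that still need manual deletion, which is what reply #15 does by hand. It assumes that "Update failed" and "Disinfection failed" mean the container file is still on disk; the sample paths and the function names are constructed for illustration.

```python
import re
# Constructed sample in the same layout as the scan log in this thread: a path
# line, then a status line. "=>" separates an archive on disk from a member in it.
SAMPLE_LOG = r"""
C:\System Volume Information\_restore{EXAMPLE}\RP1\A0000001.dll
Infected with: Trojan.Generic.2827788

C:\System Volume Information\_restore{EXAMPLE}\RP1\A0000001.dll
Deleted

D:\Games\tool.rar=>tool\Usp10.dll
Infected with: Trojan.Generic.2827788

D:\Games\tool.rar=>tool\Usp10.dll
Deleted

D:\Games\tool.rar
Update failed

D:\Games\agent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Infected with: Gen:Trojan.Heur.GM.100000E120

D:\Games\agent.rar=>Setup.exe=>(RAR Sfx o)=>Main.exe
Disinfection failed
"""

def parse_entries(text):
    """Return (path, status) pairs from blank-line-separated two-line entries."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if len(lines) == 2:
            entries.append((lines[0], lines[1]))
    return entries

def triage(text):
    """Group statuses by the outermost file on disk (text before the first '=>')."""
    seen = {}
    for path, status in parse_entries(text):
        on_disk = path.split("=>", 1)[0]
        key = "infected" if status.startswith("Infected with:") else status.lower()
        seen.setdefault(on_disk, set()).add(key)
    return seen

def needs_manual_removal(text):
    """Files with a detection whose cleanup failed or was never reported as done."""
    failed = {"update failed", "disinfection failed"}
    return [f for f, st in triage(text).items()
            if "infected" in st and (st & failed or "deleted" not in st)]
```

Restore-point copies that were reported as deleted drop out of the result, while archives whose infected member was removed but whose container could not be rewritten stay in it under the archive's own path.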

#16
December 21, 2009 at 19:37:46
Scan performed at: 11/26/2009 9:57:28 AM
Scanning Log
NOD32 version 4637 (20091125) NT
Operating memory - is OK

Date: 26.11.2009 Time: 09:57:30
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:; D:
C:\pagefile.sys - error opening (File locked) [4]
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\Owner\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\Owner\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\Owner\Application Data\Skype\joey_mizz\dc.db-journal - error opening (File locked) [4]
C:\Documents and Settings\Owner\Application Data\Skype\joey_mizz\dc.lock - error opening (File locked) [4]
C:\Documents and Settings\Owner\Application Data\Skype\joey_mizz\main.db-journal - error opening (File locked) [4]
C:\Documents and Settings\Owner\Application Data\Skype\joey_mizz\main.lock - error opening (File locked) [4]
Scanning interrupted by user!
Number of scanned files: 1705
Number of threats found: 0
Time of completion: 09:57:31 Total scanning time: 1 sec (00:00:01)

Notes:
[4] File cannot be opened. It may be in use by another application or operating system.


Report •

#17
December 21, 2009 at 20:06:57
Are you still getting popups?

Report •

#18
December 21, 2009 at 20:25:50
Hi Jabuck,

I observe that I have no virus warning popups after running Bitdefender, and after that I followed your reply number 15; until now there are no more popups on my computer!

Big thanks to you!!


Report •

#19
December 23, 2009 at 04:30:48
Glad we could help.

Report •

