Computer Getting Pop-ups And Running Slower Than Usual.


Here's the log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:10:44 PM, on 1/31/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\M-Audio Uno\UnoInst.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Cyb2k.exe

C:\Program Files\Lexmark 2400 Series\lxcrmon.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\WINDOWS\system32\lxcrcoms.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\LClock\LClock.exe

C:\Program Files\SBPaper\paper.exe

C:\Documents and Settings\Pete's\Desktop\Other apps\vistart_2502_english_skin_default\ViStart.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\aduttakp.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\explorer.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\HJT\HJTInstall.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - (no file)

O2 - BHO: (no name) - {39195EDC-FA72-4393-BF58-A7DB2AA9A1CE} - C:\WINDOWS\system32\mljgh.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {A051B1FF-8D7E-418B-AABE-4FF82F4280A2} - C:\WINDOWS\system32\awturqo.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: {059d3106-4d15-a8ca-cee4-69e597e6ccfe} - {efcc6e79-5e96-4eec-ac8a-51d46013d950} - C:\WINDOWS\system32\kvkefcjf.dll

O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll

O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll

O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - (no file)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [C2K] C:\WINDOWS\Cyb2k.exe

O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [40408b53] rundll32.exe "C:\WINDOWS\system32\hkfltapo.dll",b

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe

O4 - HKCU\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe

O4 - HKCU\..\Run: [scottsPaperManager] "C:\Program Files\SBPaper\paper.exe" -autominimize

O4 - HKCU\..\Run: [ViOrb] C:\Program Files\ViOrb\ViOrb.exe

O4 - HKCU\..\Run: [ViStart] C:\Documents and Settings\Pete's\Desktop\Other apps\vistart_2502_english_skin_default\ViStart

O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')

O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')

O4 - Startup: Thoosje Vista Sidebar.lnk = C:\Program Files\Vista Sidebar\Thoosje Vista Sidebar.exe

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O15 - Trusted Zone: *.stumbleupon.com

O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab

O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187204501375

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab

O16 - DPF: {A954AFC3-3A26-44C2-A126-2B61C09F8FC9} (SNRecovery Control) - http://www.cybersitter.com/recovery/ocx/SerialRecovery.ocx

O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - AppInit_DLLs: wbsys.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: awturqo - C:\WINDOWS\SYSTEM32\awturqo.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: DomainService - - C:\WINDOWS\system32\aduttakp.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe

O23 - Service: Uno Installer (UnoInstallerService) - Unknown owner - C:\Program Files\M-Audio Uno\UnoInst.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--

End of file - 12290 bytes


Please download VundoFix.exe to your desktop

  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files; click YES.
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot; simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Download Combofix to your desktop.

Double-click combofix.exe.

Follow the prompts.

Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.

Post

  • Combofix log
  • C:\vundofix.txt

in your next reply.


VundoFix V6.5.6

Checking Java version...

Java version is 1.4.2.3

Old versions of java are exploitable and should be removed.

Scan started at 3:38:25 PM 7/25/2007

Listing files found while scanning....

No infected files were found.

VundoFix V6.5.9

Checking Java version...

Java version is 1.4.2.3

Old versions of java are exploitable and should be removed.

Scan started at 5:27:42 PM 10/3/2007

Listing files found while scanning....

Beginning removal...

Attempting to delete C:\windows\system32\acyveqdm.ini

C:\windows\system32\acyveqdm.ini Has been deleted!

Attempting to delete C:\windows\system32\aggvaorn.dll

C:\windows\system32\aggvaorn.dll Has been deleted!

Attempting to delete C:\windows\system32\aglsjgsq.dll

C:\windows\system32\aglsjgsq.dll Has been deleted!

Attempting to delete C:\windows\system32\ahadrepr.dll

C:\windows\system32\ahadrepr.dll Has been deleted!

Attempting to delete C:\windows\system32\akvxhcfv.dll

C:\windows\system32\akvxhcfv.dll Has been deleted!

Attempting to delete C:\windows\system32\aorvyaqt.ini

C:\windows\system32\aorvyaqt.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\awvtr.dll

C:\WINDOWS\system32\awvtr.dll Could not be deleted.

Attempting to delete C:\windows\system32\ayldidqg.ini

C:\windows\system32\ayldidqg.ini Has been deleted!

Attempting to delete C:\windows\system32\ayxnnfgr.ini

C:\windows\system32\ayxnnfgr.ini Has been deleted!

Attempting to delete C:\windows\system32\bbvckdpp.ini

C:\windows\system32\bbvckdpp.ini Has been deleted!

Attempting to delete C:\windows\system32\binqsyqw.dll

C:\windows\system32\binqsyqw.dll Has been deleted!

Attempting to delete C:\windows\system32\bjyufmfi.ini

C:\windows\system32\bjyufmfi.ini Has been deleted!

Attempting to delete C:\windows\system32\bqyyrevi.ini

C:\windows\system32\bqyyrevi.ini Has been deleted!

Attempting to delete C:\windows\system32\btjdryrr.dll

C:\windows\system32\btjdryrr.dll Has been deleted!

Attempting to delete C:\windows\system32\bybtpite.dll

C:\windows\system32\bybtpite.dll Has been deleted!

Attempting to delete C:\windows\system32\bydrafbu.ini

C:\windows\system32\bydrafbu.ini Has been deleted!

Attempting to delete C:\windows\system32\ceownxft.dll

C:\windows\system32\ceownxft.dll Has been deleted!

Attempting to delete C:\windows\system32\chjkemhj.ini

C:\windows\system32\chjkemhj.ini Has been deleted!

Attempting to delete C:\windows\system32\clnlelfd.dll

C:\windows\system32\clnlelfd.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\coxsgffg.dll

C:\WINDOWS\system32\coxsgffg.dll Has been deleted!

Attempting to delete C:\windows\system32\cqqmhnwr.ini

C:\windows\system32\cqqmhnwr.ini Has been deleted!

Attempting to delete C:\windows\system32\dcpgmlpy.dll

C:\windows\system32\dcpgmlpy.dll Has been deleted!

Attempting to delete C:\windows\system32\dflelnlc.ini

C:\windows\system32\dflelnlc.ini Has been deleted!

Attempting to delete C:\windows\system32\difpuoew.dll

C:\windows\system32\difpuoew.dll Has been deleted!

Attempting to delete C:\windows\system32\dlbudeas.dll

C:\windows\system32\dlbudeas.dll Has been deleted!

Attempting to delete C:\windows\system32\dmxejgoi.ini

C:\windows\system32\dmxejgoi.ini Has been deleted!

Attempting to delete C:\windows\system32\dpyhlpxv.dll

C:\windows\system32\dpyhlpxv.dll Has been deleted!

Attempting to delete C:\windows\system32\drdlommt.dll

C:\windows\system32\drdlommt.dll Has been deleted!

Attempting to delete C:\windows\system32\drnjxljn.ini

C:\windows\system32\drnjxljn.ini Has been deleted!

Attempting to delete C:\windows\system32\drqsfxvm.ini

C:\windows\system32\drqsfxvm.ini Has been deleted!

Attempting to delete C:\windows\system32\eervjfyx.dll

C:\windows\system32\eervjfyx.dll Has been deleted!

Attempting to delete C:\windows\system32\ejmvqbyv.dll

C:\windows\system32\ejmvqbyv.dll Has been deleted!

Attempting to delete C:\windows\system32\ekpgbiyn.ini

C:\windows\system32\ekpgbiyn.ini Has been deleted!

Attempting to delete C:\windows\system32\embxsohx.ini

C:\windows\system32\embxsohx.ini Has been deleted!

Attempting to delete C:\windows\system32\emlvkxij.dll

C:\windows\system32\emlvkxij.dll Has been deleted!

Attempting to delete C:\windows\system32\ensjjknj.dll

C:\windows\system32\ensjjknj.dll Has been deleted!

Attempting to delete C:\windows\system32\eqfftdqr.dll

C:\windows\system32\eqfftdqr.dll Has been deleted!

Attempting to delete C:\windows\system32\etiptbyb.ini

C:\windows\system32\etiptbyb.ini Has been deleted!

Attempting to delete C:\windows\system32\evdrcnft.ini

C:\windows\system32\evdrcnft.ini Has been deleted!

Attempting to delete C:\windows\system32\eysxdeyr.dll

C:\windows\system32\eysxdeyr.dll Has been deleted!

Attempting to delete C:\windows\system32\fcaminff.dll

C:\windows\system32\fcaminff.dll Has been deleted!

Attempting to delete C:\windows\system32\fcxqoiex.ini

C:\windows\system32\fcxqoiex.ini Has been deleted!

Attempting to delete C:\windows\system32\fdxxnelg.ini

C:\windows\system32\fdxxnelg.ini Has been deleted!

Attempting to delete C:\windows\system32\ffnimacf.ini

C:\windows\system32\ffnimacf.ini Has been deleted!

Attempting to delete C:\windows\system32\ffrwohdj.ini

C:\windows\system32\ffrwohdj.ini Has been deleted!

Attempting to delete C:\windows\system32\fhssyspr.ini

C:\windows\system32\fhssyspr.ini Has been deleted!

Attempting to delete C:\windows\system32\fnlkgupm.ini

C:\windows\system32\fnlkgupm.ini Has been deleted!

Attempting to delete C:\windows\system32\frxqypvp.ini

C:\windows\system32\frxqypvp.ini Has been deleted!

Attempting to delete C:\windows\system32\fsxfysss.dll

C:\windows\system32\fsxfysss.dll Has been deleted!

Attempting to delete C:\windows\system32\ftbuikuj.dll

C:\windows\system32\ftbuikuj.dll Has been deleted!

Attempting to delete C:\windows\system32\fvuielst.dll

C:\windows\system32\fvuielst.dll Has been deleted!

Attempting to delete C:\windows\system32\ghlorpmp.dll

C:\windows\system32\ghlorpmp.dll Has been deleted!

Attempting to delete C:\windows\system32\glenxxdf.dll

C:\windows\system32\glenxxdf.dll Has been deleted!

Attempting to delete C:\windows\system32\gnipaxix.dll

C:\windows\system32\gnipaxix.dll Has been deleted!

Attempting to delete C:\windows\system32\gqdidlya.dll

C:\windows\system32\gqdidlya.dll Has been deleted!

Attempting to delete C:\windows\system32\hfyhwwlu.ini

C:\windows\system32\hfyhwwlu.ini Has been deleted!

Attempting to delete C:\windows\system32\hngoeehn.dll

C:\windows\system32\hngoeehn.dll Has been deleted!

Attempting to delete C:\windows\system32\hsmyuiym.ini

C:\windows\system32\hsmyuiym.ini Has been deleted!

Attempting to delete C:\windows\system32\hvwvedpq.dll

C:\windows\system32\hvwvedpq.dll Has been deleted!

Attempting to delete C:\windows\system32\ifmfuyjb.dll

C:\windows\system32\ifmfuyjb.dll Has been deleted!

Attempting to delete C:\windows\system32\ihyeawiu.dll

C:\windows\system32\ihyeawiu.dll Has been deleted!

Attempting to delete C:\windows\system32\iogjexmd.dll

C:\windows\system32\iogjexmd.dll Has been deleted!

Attempting to delete C:\windows\system32\iveryyqb.dll

C:\windows\system32\iveryyqb.dll Has been deleted!

Attempting to delete C:\windows\system32\ixxvtvxm.ini

C:\windows\system32\ixxvtvxm.ini Has been deleted!

Attempting to delete C:\windows\system32\jdhowrff.dll

C:\windows\system32\jdhowrff.dll Has been deleted!

Attempting to delete C:\windows\system32\jewafmsx.ini

C:\windows\system32\jewafmsx.ini Has been deleted!

Attempting to delete C:\windows\system32\jhmekjhc.dll

C:\windows\system32\jhmekjhc.dll Has been deleted!

Attempting to delete C:\windows\system32\jixkvlme.ini

C:\windows\system32\jixkvlme.ini Has been deleted!

Attempting to delete C:\windows\system32\jjjdcrep.ini

C:\windows\system32\jjjdcrep.ini Has been deleted!

Attempting to delete C:\windows\system32\jnkjjsne.ini

C:\windows\system32\jnkjjsne.ini Has been deleted!

Attempting to delete C:\windows\system32\jolwnndo.dll

C:\windows\system32\jolwnndo.dll Has been deleted!

Attempting to delete C:\windows\system32\jqeppbjx.dll

C:\windows\system32\jqeppbjx.dll Has been deleted!

Attempting to delete C:\windows\system32\jukiubtf.ini

C:\windows\system32\jukiubtf.ini Has been deleted!

Attempting to delete C:\windows\system32\kbacmjbo.dll

C:\windows\system32\kbacmjbo.dll Has been deleted!

Attempting to delete C:\windows\system32\kjhpmtkw.dll

C:\windows\system32\kjhpmtkw.dll Has been deleted!

Attempting to delete C:\windows\system32\kjshanat.ini

C:\windows\system32\kjshanat.ini Has been deleted!

Attempting to delete C:\windows\system32\kttgkakl.dll

C:\windows\system32\kttgkakl.dll Has been deleted!

Attempting to delete C:\windows\system32\kuvqdujv.dll

C:\windows\system32\kuvqdujv.dll Has been deleted!

Attempting to delete C:\windows\system32\kvkwlncr.dll

C:\windows\system32\kvkwlncr.dll Has been deleted!

Attempting to delete C:\windows\system32\ldmvlcns.ini

C:\windows\system32\ldmvlcns.ini Has been deleted!

Attempting to delete C:\windows\system32\lhwrkdbt.dll

C:\windows\system32\lhwrkdbt.dll Has been deleted!

Attempting to delete C:\windows\system32\lkakgttk.ini

C:\windows\system32\lkakgttk.ini Has been deleted!

Attempting to delete C:\windows\system32\lkemsolv.dll

C:\windows\system32\lkemsolv.dll Has been deleted!

Performing Repairs to the registry.

Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awvtr.dll

C:\WINDOWS\system32\awvtr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lubphvcu.dll

C:\WINDOWS\system32\lubphvcu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nbytahug.dll

C:\WINDOWS\system32\nbytahug.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\rtvwa.ini

C:\WINDOWS\system32\rtvwa.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyyywt.dll

C:\WINDOWS\system32\xxyyywt.dll Could not be deleted.

Performing Repairs to the registry.

Done!

VundoFix V6.5.9

Checking Java version...

Java version is 1.4.2.3

Old versions of java are exploitable and should be removed.

Scan started at 6:44:09 PM 10/4/2007

Listing files found while scanning....

C:\windows\system32\xxyyywt.dll

Beginning removal...

Attempting to delete C:\windows\system32\xxyyywt.dll

C:\windows\system32\xxyyywt.dll Has been deleted!

Performing Repairs to the registry.

Done!

VundoFix V6.7.7

Checking Java version...

Java version is 1.4.2.3

Old versions of java are exploitable and should be removed.

Scan started at 1:16:32 PM 1/31/2008

Listing files found while scanning....

No infected files were found.

VundoFix V6.7.7

Checking Java version...

Java version is 1.4.2.3

Old versions of java are exploitable and should be removed.

Scan started at 6:39:55 PM 1/31/2008

Listing files found while scanning....

No infected files were found.

Beginning removal...

ugh,

I didn't run ComboFix, so I did just now. After it restarted and finished, I couldn't connect to the internet, and I have no backups in my system restore. Here's the log I got, though.

ComboFix 08-02.01.6 - Pete's 2008-02-01 12:14:25.3 - NTFSx86 NETWORK

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1203 [GMT -8:00]

Running from: C:\Documents and Settings\Pete's\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\check_LSA7.txt

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

C:\WINDOWS\b103.exe.bin

C:\WINDOWS\b136.exe.bin

C:\WINDOWS\system32\aduttakp.exe

C:\WINDOWS\system32\awturqo.dll

C:\WINDOWS\system32\bnrfil.dll

C:\WINDOWS\system32\bsnlst.dll

C:\WINDOWS\system32\ecllrobv.ini

C:\WINDOWS\system32\evbgpwcl.dll

C:\WINDOWS\system32\hgjlm.bak1

C:\WINDOWS\system32\hgjlm.bak2

C:\WINDOWS\system32\hgjlm.ini

C:\WINDOWS\system32\igefil.dll

C:\WINDOWS\system32\kvkefcjf.dll

C:\WINDOWS\system32\lastupdate.dll

C:\WINDOWS\system32\macfil.dll

C:\WINDOWS\system32\mcrh.tmp

C:\WINDOWS\system32\mljgh.dll

C:\WINDOWS\system32\mp3fil.dll

C:\WINDOWS\system32\nfil.dll

C:\WINDOWS\system32\opatlfkh.ini

C:\WINDOWS\system32\picsfil.dll

C:\WINDOWS\system32\pskill.exe

C:\WINDOWS\system32\snetfil.dll

C:\WINDOWS\system32\srchfrgn.dll

C:\WINDOWS\system32\srchout.dll

C:\WINDOWS\system32\vborllce.dll

----- BITS: Possible infected sites -----

hxxp://au.download.windowsupdate.com

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_DOMAINSERVICE

-------\DomainService

((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))

.

Go to your Control Panel > Network Connections > right-click on your current connection (probably Local Area Connection) and select Repair.

After a reboot you should be connecting again.

Fully describe w/ pictures HERE

Looks like all of the log didn't post. You should see an EOF at the end of a complete log.

Edited by jwbirdsong

Wait, never mind, I ran it again without my firewall on, and here's the log. Internet still doesn't work. I can't seem to get an IP address, and it still doesn't work when I set up a static one. I'm trying to connect using a wireless router, no wired connection at all. However, my other computer (the one I'm using now) can connect to the router just fine.

ComboFix 08-02.01.6 - Pete's 2008-02-01 13:56:42.4 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1013 [GMT -8:00]

Running from: C:\Documents and Settings\Pete's\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

.

---- Previous Run -------

.

C:\check_LSA7.txt

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

C:\WINDOWS\b103.exe.bin

C:\WINDOWS\b136.exe.bin

C:\WINDOWS\system32\aduttakp.exe

C:\WINDOWS\system32\awturqo.dll

C:\WINDOWS\system32\bnrfil.dll

C:\WINDOWS\system32\bsnlst.dll

C:\WINDOWS\system32\ecllrobv.ini

C:\WINDOWS\system32\evbgpwcl.dll

C:\WINDOWS\system32\hgjlm.bak1

C:\WINDOWS\system32\hgjlm.bak2

C:\WINDOWS\system32\hgjlm.ini

C:\WINDOWS\system32\igefil.dll

C:\WINDOWS\system32\kvkefcjf.dll

C:\WINDOWS\system32\lastupdate.dll

C:\WINDOWS\system32\macfil.dll

C:\WINDOWS\system32\mcrh.tmp

C:\WINDOWS\system32\mljgh.dll

C:\WINDOWS\system32\mp3fil.dll

C:\WINDOWS\system32\nfil.dll

C:\WINDOWS\system32\opatlfkh.ini

C:\WINDOWS\system32\picsfil.dll

C:\WINDOWS\system32\pskill.exe

C:\WINDOWS\system32\snetfil.dll

C:\WINDOWS\system32\srchfrgn.dll

C:\WINDOWS\system32\srchout.dll

C:\WINDOWS\system32\vborllce.dll

----- BITS: Possible infected sites -----

hxxp://au.download.windowsupdate.com

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_DOMAINSERVICE

-------\DomainService

((((((((((((((((((((((((( Files Created from 2008-01-01 to 2008-02-01 )))))))))))))))))))))))))))))))

.

2008-01-31 17:10 . 2008-01-31 20:18 <DIR> d-------- C:\Program Files\Thoosje Sidebar V2.3

2008-01-31 12:34 . 2008-01-31 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet

2008-01-31 12:24 . 2008-01-31 12:24 <DIR> d-------- C:\Program Files\Bonjour

2008-01-31 11:55 . 2008-01-31 11:55 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared

2008-01-30 15:12 . 2008-01-30 15:18 <DIR> d-------- C:\WINDOWS\vbSkinner

2008-01-30 15:12 . 2008-01-30 15:20 <DIR> d-------- C:\Program Files\PFConfig

2008-01-26 17:47 . 2008-01-26 17:47 <DIR> d-------- C:\Program Files\Cucusoft

2008-01-26 17:47 . 2008-01-26 19:34 <DIR> d-------- C:\ConverterOutput

2008-01-19 13:49 . 2008-01-19 14:03 <DIR> d-------- C:\Program Files\01-mp3search

2008-01-19 11:30 . 2008-01-19 11:30 244 --ah----- C:\sqmnoopt00.sqm

2008-01-19 11:30 . 2008-01-19 11:30 232 --ah----- C:\sqmdata00.sqm

2008-01-18 15:55 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe

2008-01-18 15:54 . 2008-01-18 15:54 <DIR> d-------- C:\Program Files\The Rosetta Stone

2008-01-15 20:17 . 2008-01-15 20:28 <DIR> d-------- C:\Program Files\SBPaper

2008-01-15 16:43 . 2008-01-30 20:13 <DIR> d-------- C:\WINDOWS\system32\VIRepair

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\WinFlip

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\VisualTooltip

2008-01-15 16:43 . 2008-01-30 20:18 <DIR> d-------- C:\Program Files\ViStart

2008-01-15 16:43 . 2008-01-30 19:18 <DIR> d-------- C:\Program Files\Vista Sidebar

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\ViOrb

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\TrueTransparency

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\Styler

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Program Files\LClock

2008-01-15 16:43 . 2008-01-15 16:43 <DIR> d-------- C:\Documents and Settings\Pete's\Application Data\Styler

2008-01-15 16:43 . 2007-04-15 01:30 6,181,376 --a------ C:\WINDOWS\system32\vistaui.exe

2008-01-15 16:43 . 2007-11-30 05:56 329,029 --a------ C:\WINDOWS\system32\viwc.exe

2008-01-15 16:43 . 2004-09-20 01:27 172,032 --a------ C:\WINDOWS\system32\LClock.cpl

2008-01-15 16:43 . 2007-11-25 22:11 49,208 --a------ C:\WINDOWS\system32\vistartup.bmp

2008-01-15 16:37 . 2008-01-15 16:37 78,942 --a------ C:\WINDOWS\Icon_1.ico

2008-01-15 16:36 . 2008-01-30 19:34 <DIR> d-------- C:\WINDOWS\system32\VITrans

2008-01-15 16:36 . 2008-01-15 16:44 <DIR> d-------- C:\VTPFiles

2008-01-15 16:36 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe

2008-01-15 16:36 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe

2008-01-15 16:36 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe

2008-01-14 20:51 . 2008-01-19 13:56 <DIR> d-------- C:\True Enough Re-loaded

2008-01-14 18:17 . 2008-01-14 18:17 <DIR> d-------- C:\Vistart

2008-01-14 14:29 . 2008-01-14 14:46 <DIR> d-------- C:\Documents and Settings\Pete's\Application Data\ViStart

2008-01-12 15:26 . 2008-01-12 15:26 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS

2008-01-10 16:10 . 2008-01-10 16:10 <DIR> d-------- C:\WINDOWS\system32\Dump

2008-01-09 20:19 . 2008-01-09 20:19 <DIR> d-------- C:\Program Files\Outspark

2008-01-07 16:43 . 2008-01-11 15:20 <DIR> d-------- C:\Documents and Settings\Pete's\Builds

2008-01-06 15:50 . 2008-01-06 17:29 <DIR> d-------- C:\Program Files\RegCure

2008-01-02 09:54 . 2008-01-03 15:14 <DIR> d-------- C:\Documents and Settings\Pete's\Application Data\Uniblue

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-01 21:01 --------- d-----w C:\Documents and Settings\Pete's\Application Data\uTorrent

2008-01-31 20:24 --------- d-----w C:\Program Files\Common Files\Adobe

2008-01-30 22:47 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL

2008-01-30 22:47 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS

2008-01-30 00:44 --------- d-----w C:\Program Files\SUPERAntiSpyware

2008-01-27 03:41 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP

2008-01-27 03:10 --------- d-----w C:\Program Files\Common Files\FotoNation

2008-01-23 20:05 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-01-23 20:05 --------- d-----w C:\Documents and Settings\Pete's\Application Data\My Games

2008-01-23 20:04 --------- d-----w C:\Program Files\Real

2008-01-23 20:02 --------- d-----w C:\Documents and Settings\Pete's\Application Data\InstallShield Installation Information

2008-01-23 19:57 --------- d-----w C:\Program Files\Microsoft Games

2008-01-23 19:48 --------- d-----w C:\Program Files\DS Stuff

2008-01-18 01:24 --------- d-----w C:\Program Files\uTorrent

2008-01-11 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Outspark

2008-01-10 03:23 --------- d-----w C:\Program Files\Fiesta

2008-01-07 01:34 --------- d-----w C:\Program Files\lx_cats

2007-12-31 22:29 --------- d-----w C:\Program Files\Common Files\DirectX

2007-12-31 20:32 --------- d-----w C:\Program Files\Azureus

2007-12-31 03:21 --------- d-----w C:\Program Files\DAP

2007-12-31 03:16 --------- d-----w C:\Documents and Settings\Pete's\Application Data\Azureus

2007-12-31 03:13 --------- d-----w C:\Program Files\SpeedOptimizer

2007-12-31 03:08 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll

2007-12-31 03:05 --------- d-----w C:\Program Files\AskPBar

2007-12-29 18:54 --------- d-----w C:\Documents and Settings\Pete's\Application Data\Comodo

2007-12-29 18:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Comodo

2007-12-26 08:55 --------- d-----w C:\Program Files\PowerISO

2007-12-24 22:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI MMC

2007-12-24 17:07 --------- d-----w C:\Program Files\Common Files\Stardock

2007-12-22 23:32 --------- d-----w C:\Documents and Settings\Pete's\Application Data\Realtime Soft

2007-12-22 19:05 --------- d-----w C:\Program Files\Stardock

2007-12-22 05:55 --------- d-----w C:\Program Files\Osu!

2007-12-22 02:40 --------- d-----w C:\Program Files\Sony

2007-12-22 02:28 --------- d-----w C:\Program Files\Avi2Dvd

2007-12-20 04:55 --------- d-----w C:\Program Files\M-Audio Uno

2007-12-20 01:21 --------- d-----w C:\Program Files\VOCALOID

2007-12-19 00:55 --------- d-----w C:\Program Files\Sony Setup

2007-12-17 04:03 --------- d-----w C:\Documents and Settings\Pete's\Application Data\Sony

2007-12-17 03:55 --------- d-----w C:\Program Files\Microsoft SQL Server

2007-12-17 03:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony

2007-12-15 22:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus

2007-12-08 04:17 --------- d-----w C:\Program Files\Common Files\Macromedia

2007-12-08 04:15 --------- d-----w C:\Program Files\Macromedia

2007-12-08 02:24 --------- d-----w C:\Program Files\IrfanView

2007-12-08 01:40 --------- d-----w C:\Program Files\Windows Live

2007-12-08 01:39 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller

2007-12-08 01:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller

2007-12-04 01:20 --------- d-----w C:\Program Files\StepMania

2007-12-04 00:26 --------- d-----w C:\Program Files\Game Elements PC Recoil Pad

2007-12-02 21:21 --------- d-----w C:\Documents and Settings\Pete's\Application Data\DVD Flick

2007-12-01 18:14 --------- d-----w C:\Program Files\DVD Flick

2007-12-01 18:03 --------- d-----w C:\Program Files\Wise DVD to MPEG Converter

2007-12-01 17:39 --------- d-----w C:\Program Files\PowerImage

2007-11-22 18:38 139,008 ----a-w C:\WINDOWS\system32\guard32.dll

2007-11-13 22:48 91,078 ----a-w C:\WINDOWS\system32\adwfil.dll

2007-11-13 22:48 9,796 ----a-w C:\WINDOWS\system32\gnfil.dll

2007-11-13 22:48 9,634 ----a-w C:\WINDOWS\system32\pkmon.dll

2007-11-13 22:48 8,652 ----a-w C:\WINDOWS\system32\jbfil.dll

2007-11-13 22:48 7,778 ----a-w C:\WINDOWS\system32\movfil.dll

2007-11-13 22:48 7,642 ----a-w C:\WINDOWS\system32\auctfil.dll

2007-11-13 22:48 6,830 ----a-w C:\WINDOWS\system32\swfil.dll

2007-11-13 22:48 6,050 ----a-w C:\WINDOWS\system32\wrestfil.dll

2007-11-13 22:48 5,782 ----a-w C:\WINDOWS\system32\vgamfil.dll

2007-11-13 22:48 5,180 ----a-w C:\WINDOWS\system32\iawfil.dll

2007-11-13 22:48 4,442 ----a-w C:\WINDOWS\system32\hatfil.dll

2007-11-13 22:48 4,162 ----a-w C:\WINDOWS\system32\viofil.dll

2007-11-13 22:48 3,444 ----a-w C:\WINDOWS\system32\srchin.dll

2007-11-13 22:48 3,286 ----a-w C:\WINDOWS\system32\lgwfil.dll

2007-11-13 22:48 22,618 ----a-w C:\WINDOWS\system32\perfil.dll

2007-11-13 22:48 17,488 ----a-w C:\WINDOWS\system32\nvgamfil.dll

2007-11-13 22:48 16,802 ----a-w C:\WINDOWS\system32\popfil.dll

2007-11-13 22:48 157,916 ----a-w C:\WINDOWS\system32\pxyfil.dll

2007-11-13 22:48 14,712 ----a-w C:\WINDOWS\system32\tafil.dll

2007-11-13 22:48 13,154 ----a-w C:\WINDOWS\system32\finfil.dll

2007-11-13 22:48 13,070 ----a-w C:\WINDOWS\system32\gblfil.dll

2007-11-13 22:48 12,730 ----a-w C:\WINDOWS\system32\psyfil.dll

2007-11-13 22:48 12,422 ----a-w C:\WINDOWS\system32\entfil.dll

2007-11-13 22:48 12,266 ----a-w C:\WINDOWS\system32\sporfil.dll

2007-11-13 22:48 11,338 ----a-w C:\WINDOWS\system32\fmfil.dll

2007-11-13 22:48 10,906 ----a-w C:\WINDOWS\system32\chtfil.dll

2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll

2007-11-07 02:52 484 ----a-w C:\Program Files\Shortcut to DS Stuff.lnk

2007-11-07 02:24 631,990 ----a-w C:\WINDOWS\nintendo-ds-lite-pack-crystalxp.net-en-993.zip

2007-02-27 00:05 48 ----a-w C:\Documents and Settings\Pete's\snesadvance.dat

2006-08-19 13:32 19,811 ----a-w C:\Documents and Settings\Pete's\DDRLite Converter.exe

2006-08-06 20:07 54 ----a-w C:\Documents and Settings\Pete's\gamepadcontrols.dat

2006-01-27 23:56 43,826 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2006_01_27_05_30_03_small.dmp.zip

2006-01-27 23:56 41,663 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2006_01_27_05_29_58_small.dmp.zip

2005-09-09 02:11 12,421,760 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2005_09_08_19_05_05.dmp.zip

2005-08-03 02:33 12,425,219 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2005_08_02_07_11_41.dmp.zip

2005-07-16 16:16 12,416,737 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2005_07_16_09_12_35.dmp.zip

2005-07-15 22:50 12,419,448 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2005_07_15_15_43_51.dmp.zip

2005-07-11 05:11 12,418,259 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2005_07_10_19_57_02.dmp.zip

2006-03-26 20:25 0 -csha-w C:\WINDOWS\SMINST\HPCD.sys

2004-09-26 00:27 56 --sh--r C:\WINDOWS\system32\7ADF967E6C.sys

2004-09-26 00:27 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

"LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-20 01:27 65536]

"Vista Sidebar"="C:\Program Files\Vista Sidebar\sidebar.exe" [2007-11-20 13:51 524288]

"ScottsPaperManager"="C:\Program Files\SBPaper\paper.exe" [2007-05-25 10:18 935424]

"ViOrb"="C:\Program Files\ViOrb\ViOrb.exe" [2007-11-19 13:01 163840]

"ViStart"="C:\Documents and Settings\Pete's\Desktop\Other apps\vistart_2502_english_skin_default\ViStart" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"C2K"="C:\WINDOWS\Cyb2k.exe" [2004-08-03 09:47 2649088]

"lxcrmon.exe"="C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 12:48 286720]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 02:06 79224]

"LXCRCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 06:54 65536]

"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-12-29 11:20 1115728]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2004-08-25 18:07 180269]

C:\Documents and Settings\Pete's\Start Menu\Programs\Startup\

Thoosje Vista Sidebar.lnk - C:\Program Files\Thoosje Sidebar V2.3\Thoosje Vista Sidebar.exe [2007-10-21 16:28:57 524288]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{35B2861B-2B26-4691-9FF0-09083722C736}"= C:\WINDOWS\system32\RadExe.dll [2005-04-27 03:49 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-21 21:24 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]

backup=C:\WINDOWS\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk]

backup=C:\WINDOWS\pss\Updates from HP.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Pete's^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]

backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

--a------ 2005-03-04 11:01 88209 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]

--a------ 2004-11-30 21:10 344064 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupNotify]

--a------ 2004-01-09 01:34 32768 c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C2K]

--a------ 2004-08-03 09:47 2649088 C:\WINDOWS\Cyb2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

--a------ 2004-08-03 23:56 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]

--a------ 2007-12-30 19:08 4576768 C:\Program Files\DAP\DAP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]

--a------ 2006-02-07 00:10 98304 C:\Program Files\Lexmark 2400 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

--a------ 2005-01-12 13:54 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2005-02-16 22:11 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]

--a------ 2003-08-21 03:15 483328 C:\WINDOWS\System32\hphmon05.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]

--a------ 2003-08-21 03:23 49152 c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

--a------ 1998-05-07 16:04 52736 c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ink Monitor]

--a------ 2001-10-16 10:10 258118 C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2007-07-31 17:44 271672 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

--a------ 2005-02-02 15:44 61440 C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

--a------ 2006-06-05 06:06 188416 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2007-06-29 05:24 286720 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

--a------ 2004-04-14 12:43 233472 C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyHunter]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

--a------ 2007-06-21 13:06 1318912 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2007-10-04 18:23 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

--a------ 2004-08-25 18:07 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UltraMon]

C:\Program Files\UltraMon\UltraMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

--a------ 2006-09-07 09:19 15872 C:\Program Files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

--a------ 2003-08-19 01:01 110592 c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

--a------ 2004-01-15 20:33 49152 C:\WINDOWS\system32\VTTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WinVNC4"=2 (0x2)

"EPSONStatusAgent2"=2 (0x2)

R1 BUFADPT;BUFADPT;C:\WINDOWS\system32\BUFADPT.SYS [2005-07-06 13:52]

R2 UnoInstallerService;Uno Installer;C:\Program Files\M-Audio Uno\UnoInst.exe [2004-12-04 01:06]

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 13:38]

R3 dsreader;MaxDrive Driver (dsreader.sys);C:\WINDOWS\system32\Drivers\dsreader.sys [2001-01-02 22:53]

S1 rxp;rxp;C:\WINDOWS\system32\drivers\rxp.sys []

S3 EVOLUSB;%EVOL_USB_SvcDesc%;C:\WINDOWS\system32\drivers\evolusb.sys []

S3 pnicml;pnicml;C:\DOCUME~1\Owner\LOCALS~1\Temp\pnicml.sys []

S3 samhid;samhid;C:\WINDOWS\system32\drivers\samhid.sys [2006-01-07 12:09]

S3 u2kg54;BUFFALO WLI-U2-KG54 Wireless LAN Adapter Service;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-06-22 10:15]

S3 UltraMonMirror;UltraMonMirror;C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys []

S3 XDva075;XDva075;C:\WINDOWS\system32\XDva075.sys []

.

Contents of the 'Scheduled Tasks' folder

"2008-01-26 05:40:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

"2008-02-01 21:36:15 C:\WINDOWS\Tasks\RegCure Program Check.job"

- C:\Program Files\RegCure\RegCure.exe

"2008-01-29 01:00:00 C:\WINDOWS\Tasks\RegCure.job"

- C:\Program Files\RegCure\RegCure.exe

"2008-01-23 23:09:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"

- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe

"2008-01-02 17:54:20 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"

- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-01 14:02:29

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2008-02-01 14:03:51

ComboFix-quarantined-files.txt 2008-02-01 22:03:24

.

2008-01-10 02:47:26 --- E O F ---

Edited by Kohu