Solved: comp switching off every few minutes

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
Hi Support

for the last few days comp acting strange Avast found few viruses I wasent able to delet and I run Kaspersky online scan and few more was there , incl kaspersky scan , hijack . Despearet for help since comp is on and off all the time.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.57.59, on 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmaildomini.aruba.it/cgi-bin/webmail.cgi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-220523388-839522115-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Negozio Courmayeur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Poker.com - {4f34c291-5837-4f45-ade1-da5502c69fef} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\Poker.com\Poker.com.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - https://62.149.165.3:4643/vz/rdp/msrdp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9434 bytes
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, April 06, 2008 11:04:46 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/04/2008
Kaspersky Anti-Virus database records: 615055
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 147140
Number of viruses found: 23
Number of infected objects: 391
Number of suspicious objects: 0
Duration of the scan process: 03:58:22

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\History\History.IE5\MSHist012008040520080406\index.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Temp\ mon054.log Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Temp\~DF29C8.tmp Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\ntuser.dat Object is locked skipped
C:\Documents and Settings\Pawel Dudnik\NTUSER.DAT.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Program Files\PokerOffice\log\servicelog.txt Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP98\change.log Object is locked skipped
C:\System Volume Information\_restore{8BF0DF50-3D20-4AB6-A63E-78FA5B3823F9}\RP79\A0040401.exe Infected: Trojan-Dropper.Win32.Joiner.ah skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log Object is locked skipped
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{817193A6-4D33-40BD-8ED7-A6EE736AF424}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_5a4.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
D:\RECYCLER\S-1-5-21-1482476501-854245398-725345543-1003\Di1.ORG]\Crack\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044688.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044689.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044690.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044691.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044692.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044693.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044694.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044695.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044696.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044697.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044698.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044699.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044700.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044701.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044702.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044703.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044704.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044705.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044706.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044707.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044708.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044709.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044710.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044711.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044713.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044714.sys Infected: Trojan-Downloader.Win32.Agent.ggt skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044715.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044716.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044717.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044718.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044719.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044722.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044724.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044725.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044726.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044727.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044728.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044729.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044730.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044731.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044732.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044733.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044734.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044735.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044737.sys Infected: Trojan-Downloader.Win32.Agent.hbs skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044738.sys Infected: Trojan-Downloader.Win32.Agent.ggt skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044739.sys Infected: Trojan-Downloader.Win32.Diehard.dr skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044740.sys Infected: Email-Worm.Win32.Agent.l skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044741.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044743.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044745.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044747.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044749.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044750.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044751.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044754.dll Infected: Trojan.Win32.BHO.pr skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044755.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044756.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044757.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044758.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044759.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044760.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044761.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044762.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044765.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044766.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044767.exe Infected: Backdoor.Win32.VanBot.ax skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044770.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044773.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044774.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044775.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044776.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044777.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044779.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044780.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044781.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044782.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044784.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044786.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044788.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044790.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044791.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044792.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044793.dll Infected: Packed.Win32.Klone.k skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044795.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044796.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044798.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044800.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044801.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044802.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044804.exe Infected: Email-Worm.Win32.Zhelatin.kq skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044805.exe Infected: Backdoor.Win32.VanBot.dt skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044806.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044807.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044809.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044810.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044812.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044813.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044815.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044816.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044817.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044818.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044819.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044820.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044821.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044822.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044823.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044824.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044825.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044826.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044828.exe Infected: Trojan-Downloader.Win32.Agent.fsc skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044829.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044830.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044831.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044832.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP96\A0044833.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046596.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046600.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046609.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046642.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046661.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046686.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046710.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046716.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046722.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046730.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046734.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046737.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046761.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046856.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046858.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046860.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046889.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046945.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046965.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046998.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0046999.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047000.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047001.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047003.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047004.sys Infected: Trojan-Downloader.Win32.Agent.ggt skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047005.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047006.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047007.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047008.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047009.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP97\A0047012.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\System Volume Information\_restore{25C3BB31-A7B0-48CB-9FFD-D0BCC8E2CCAB}\RP98\change.log Object is locked skipped
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream/data0002 Infected: Trojan.Win32.Agent.ba skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream/data0003/data0002 Infected: Trojan.Win32.Krepper.ag skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream/data0003/data0004/data0004 Infected: Trojan-Downloader.Win32.IstBar.er skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream/data0003/data0004 Infected: Trojan-Downloader.Win32.IstBar.er skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream/data0003 Infected: Trojan-Downloader.Win32.IstBar.er skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP143\A0007743.exe NSIS: infected - 6 skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP144\A0008538.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP144\A0008539.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP144\A0008540.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP144\A0008545.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP144\A0008546.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009548.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009549.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009550.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009551.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009552.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009553.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0009555.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0010547.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0010548.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0010549.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0010550.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011547.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011548.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011549.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011550.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011551.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011552.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0011553.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012546.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012548.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012549.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012550.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012551.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012552.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012553.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012554.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012557.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012558.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012559.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012561.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP145\A0012562.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013546.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013548.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013549.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013550.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013551.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013552.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013553.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013556.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013557.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013558.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013559.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013560.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013561.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013563.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0013564.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014546.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014548.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014549.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014550.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014551.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014552.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014553.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014554.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014555.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014556.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014559.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014560.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014561.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014563.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014564.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0014568.sys Infected: Email-Worm.Win32.Agent.l skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015547.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015548.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015549.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015550.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015551.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015552.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015553.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015554.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015555.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015556.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015559.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015561.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015562.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015574.sys Infected: Email-Worm.Win32.Agent.l skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015600.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015601.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015602.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015603.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015604.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015605.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015606.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015607.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015608.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015611.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015612.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015613.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015614.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015615.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015616.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015618.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP146\A0015622.sys Infected: Email-Worm.Win32.Agent.l skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0015625.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016600.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016601.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016602.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016603.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016604.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016605.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016606.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016607.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016610.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016611.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016612.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016613.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016614.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016615.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016616.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016617.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016629.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016630.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016631.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016632.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016633.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016634.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016635.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016636.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016637.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016638.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016639.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016640.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016641.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016642.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016643.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016644.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0016648.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017629.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017630.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017631.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017632.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017633.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017634.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017635.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017636.exe Infected: Virus.Win32.Trats.d skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017637.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017638.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017639.sys Infected: Trojan.Win32.Patched.ao skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017641.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017642.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017643.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017644.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017645.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017651.exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\System Volume Information\_restore{38EF54EE-BD7B-42D9-8155-71D735FEDB0B}\RP147\A0017652.sys Infected: Email-Worm.Win32.Agent.l skipped
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
D:\WINDOWS\system32\cbxxuro.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\cdylwhnn .exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\cdylwhnn.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\ceva.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\WINDOWS\system32\cglh.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\Com\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\csrs .exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\csrs.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\dasd.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\WINDOWS\system32\ddcyvst.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\dllcache\tcpip.sys Infected: Trojan.Win32.Patched.ao skipped
D:\WINDOWS\system32\dllcache\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\drivers\Lor71.sys Infected: Trojan-Downloader.Win32.Agent.hbs skipped
D:\WINDOWS\system32\drivers\Oqt13.sys Infected: Trojan-Downloader.Win32.Agent.ggt skipped
D:\WINDOWS\system32\drivers\secdrv.sys Infected: Trojan-Downloader.Win32.Diehard.dr skipped
D:\WINDOWS\system32\drivers\smtpdrv.sys Infected: Email-Worm.Win32.Agent.l skipped
D:\WINDOWS\system32\drivers\tcpip.sys Infected: Trojan.Win32.Patched.ao skipped
D:\WINDOWS\system32\ecyuhjb.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\efcbyvv.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\efcyxyw.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\explorer .exe Infected: Backdoor.Win32.Nepoe.s skipped
D:\WINDOWS\system32\explorer.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\fccaabc.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\fccyaxx.dll Infected: Trojan.Win32.BHO.pr skipped
D:\WINDOWS\system32\firewall .exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\WINDOWS\system32\firewall.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\fkcteaof .exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\fkcteaof.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\fzbvqynw.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\WINDOWS\system32\gebbaww.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\gxzr.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\hggdcay.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\iexplore .exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\WINDOWS\system32\iexplore.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\ihhbtcg.exe Infected: Backdoor.Win32.VanBot.ax skipped
D:\WINDOWS\system32\Isass.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\WINDOWS\system32\khfghhf.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\klkgcxh.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\letbkt.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\lfylyt.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\lgemyji.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\ljjkkhe.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\lkao.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\lssas .exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\WINDOWS\system32\lssas.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\mwld.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\npp\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\oobe\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\opnolml.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\opnopol.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\oprcfd.exe Infected: Backdoor.Win32.Agent.bxz skipped
D:\WINDOWS\system32\pmkjgfe.dll Infected: Packed.Win32.Klone.k skipped
D:\WINDOWS\system32\pmnnm.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\pvwngf.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\WINDOWS\system32\qgma.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\qomlkjh.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\qsnm.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\Restore\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\rhwvibsd.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\sdhfsd.exe Infected: Email-Worm.Win32.Zhelatin.kq skipped
D:\WINDOWS\system32\spooIsv.exe Infected: Backdoor.Win32.VanBot.dt skipped
D:\WINDOWS\system32\spooldr.sys Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\ssqonnn.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\teej.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\ttuoaj.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\tuvwxww.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\ulqtxa.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\usmt\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\vtusqom.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\wbem\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\system32\whtjol.exe Infected: Trojan-Proxy.Win32.Agent.mf skipped
D:\WINDOWS\system32\wmvwwx .exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\wmvwwx.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\wvuuuvt.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\xckhaj.exe Infected: Trojan.Win32.Qhost.aei skipped
D:\WINDOWS\system32\xgppimhl.exe Infected: Trojan-Downloader.Win32.Small.hka skipped
D:\WINDOWS\system32\xxyvttu.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\xxyyxvs.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\yayyvvu.dll Infected: Trojan-Downloader.Win32.Small.hje skipped
D:\WINDOWS\system32\yiqka.exe Infected: Trojan-Downloader.Win32.Agent.fsc skipped
D:\WINDOWS\system32\zekekuf.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\zprck .exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\zprck.exe Infected: Virus.Win32.Trats.d skipped
D:\WINDOWS\system32\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped
D:\WINDOWS\_install.exe Infected: Email-Worm.Win32.Zhelatin.ki skipped

Scan process completed.
 

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
Click here to download Dr.Web CureIt and save it to your desktop.
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look if you can click next icon next to the files found:
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:

    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply along with a new Hijack This log.
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
Hi Cybertech,

First of all thx so much 4your help. In few words °à#&%$£ what happened to my computer !!! Im always extra careful and BUM 443files infected!! I got that computer like few months back and was in bad condition. I reinstaled windows on drive C and was going not so bad till last week. I didnt even know that folder WINDOWS existed on drive D ??? is it pos. that all that viruses was hiding there? any way including new hijack log and screen of Dr.web

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11.14.25, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\bcmwltry.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Itunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\PokerOffice\bin\javaw.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmaildomini.aruba.it/cgi-bin/webmail.cgi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Poker.com - {4f34c291-5837-4f45-ade1-da5502c69fef} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\Poker.com\Poker.com.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - https://62.149.165.3:4643/vz/rdp/msrdp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10307 bytes

and DrWeb log but its very short?

scroll[1].js C:\Documents and Settings\Pawel Dudnik\Local Settings\Temporary Internet Files\Content.IE5\0M9XMYDA Modification of VBS.Req Moved.
073c0e537419276dc2039f31729ca568_1[1].js C:\Documents and Settings\Pawel Dudnik\Local Settings\Temporary Internet Files\Content.IE5\P0XDDJVK Probably SCRIPT.Virus
 

Attachments

cybertech

Retired Moderator
Joined
Apr 16, 2002
Messages
72,115
The D drive could have been a cd or thumb drive, etc if you do not have a physical D drive.


Use Secunia software inspector & update checker to update your java and any other out of date applications.

Also go to add/remove programs and remove all old versions of Java.





Run HJT again and put a check in the following:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: Poker.com - {4f34c291-5837-4f45-ade1-da5502c69fef} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\Poker.com\Poker.com.lnk (HKCU)
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Pawel Dudnik\Start Menu\Programs\CarbonPoker\CarbonPoker.lnk (HKCU)

Close all applications and browser windows before you click "fix checked".


How is it running now? Any problems?
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
its running ok right now , no turn off's and other wired stuff but gone run your adv first
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
here is latest scan log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.54.54, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\bcmwltry.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Itunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\PokerOffice\bin\javaw.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmaildomini.aruba.it/cgi-bin/webmail.cgi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [bcmwltry] bcmwltry.exe
O4 - HKLM\..\Run: [removecpl] RemoveCpl.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [POEngine] "C:\Program Files\PokerOffice\POEngine.exe" C:\Program Files\PokerOffice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - https://62.149.165.3:4643/vz/rdp/msrdp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 9750 bytes

can I permanently remove folder "WINDOWS" and "documents and settings" from my D: drive since prob that are remainings from previouse instalation?
 

Amica

Thread Starter
Joined
Apr 18, 2007
Messages
29
I did, its a second partition and I really dont need most of the stuff there , java just updated by secunia!!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top