« previous next »
Pages: [1]

Author Topic: virus/spyware wont go away  (Read 2528 times)

Offline media

  • Newbie
  • *
  • Posts: 32
  • Karma: +0/-0
    • View Profile
virus/spyware wont go away
« on: December 09, 2005, 11:35:28 AM »
ok for the past month ive been trying to get rid of this thing. ive tried spybot search and destroy, adaware SE, norton, and ewido. ewido seems to pick up most of the stuff but about 2 days later everything recreates itself. when its finding all the stuff it says its trojan.kolweb and other random spyware stuff. here is my hijackthis log,

Logfile of HijackThis v1.97.7
Scan saved at 8:26:34 AM, on 12/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Danny\My Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\c7mz.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKLM\..\RunOnce: [2atb4.exe] C:\WINDOWS\System32\2atb4.exe /k
O4 - HKCU\..\RunOnce: [2atb4.exe] C:\WINDOWS\System32\2atb4.exe /k
O9 - Extra button: AIM (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

here is my most recent ewido scan report,

---------------------------------------------------------
 ewido security suite - Scan report
---------------------------------------------------------

 + Created on:         2:03:16 PM, 12/7/2005
 + Report-Checksum:      6095CA29

 + Scan result:

   HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
   C:\Documents and Settings\Danny\Cookies\danny@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
   C:\Documents and Settings\Danny\Local Settings\Temp\c9h.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\Program Files\Adobe\Photoshop 7.0\wintfdpem32.dll -> Downloader.Murlo.ar : Cleaned with backup
   C:\Program Files\BearShare\wsjqh32.dll -> Downloader.Murlo.bg : Cleaned with backup
   C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\wmeayl32.dll -> Trojan.Zapchast : Cleaned with backup
   C:\Program Files\Kazaa\TopSearch.dll -> Spyware.Altnet : Cleaned with backup
   C:\setup304.exe -> Downloader.Agent.ac : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP18\A0000877.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP18\A0000881.dll -> Spyware.MediaTickets : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP53\A0006124.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP53\A0006227.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008064.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008065.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008066.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008067.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008068.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP70\A0008073.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP71\A0008171.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008513.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008514.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008515.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008516.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008517.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008678.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008679.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008680.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008681.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008682.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008683.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008688.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008751.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008752.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008753.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008754.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008755.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008760.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008805.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008806.exe -> Dropper.Small.wb : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008807.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008809.exe -> Downloader.Small.agq : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008813.exe -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008814.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008815.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008816.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008817.exe -> Dropper.Agent.ro : Cleaned with backup
   C:\System Volume Information\_restore{40D23D17-ECD4-43C4-BAD5-4340C52061C3}\RP74\A0008825.exe -> Spyware.Altnet : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP436\A0047770.exe -> Trojan.Puper.w : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP436\A0047771.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP436\A0047773.exe -> Trojan.Puper.ax : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP436\A0047774.exe -> Trojan.Puper.bg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP436\A0047786.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP437\A0047962.exe -> Downloader.Small.bkg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP437\A0047965.exe -> Trojan.Favadd.aj : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048306.DLL -> Trojan.Puper.ax : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048307.exe -> Trojan.Puper.ax : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048308.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048310.exe -> Trojan.Favadd.aj : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048311.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048312.exe -> Trojan.Puper.bg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048313.exe -> Trojan.Puper.w : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048314.ini -> Spyware.PSGuard : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048315.EXE -> Downloader.Small.bkg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP440\A0048335.dll -> Trojan.Small.ev : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050077.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050078.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050079.EXE -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050080.EXE -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050081.EXE -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050082.EXE -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050083.EXE -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050084.dll -> Proxy.Small.ct : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050085.dll -> Proxy.Birdihuy.A : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050086.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050090.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050091.dll -> Dropper.Small.aev : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050099.dll -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050101.dll -> Spyware.SpywareNo : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050102.dll -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050108.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050109.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050110.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050112.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050113.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050114.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050116.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050117.exe -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050118.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050119.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050120.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050121.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050122.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050123.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050124.exe -> Downloader.PurityScan.ah : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050125.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050130.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050131.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050132.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050133.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050135.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050136.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050137.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050138.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050139.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050143.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050144.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050145.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0050146.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051130.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051131.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051132.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051133.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051134.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051135.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051136.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051139.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051140.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051141.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051142.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051143.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051144.dll -> Proxy.Small.ct : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051145.dll -> Proxy.Birdihuy.A : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051146.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051147.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051148.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051149.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051150.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0051152.dll -> Downloader.Small.anu : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052130.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052131.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052132.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052133.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052134.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052135.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052138.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052139.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052140.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052141.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052142.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052143.dll -> Proxy.Birdihuy.A : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052144.dll -> Proxy.Small.ct : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052145.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052146.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052147.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052148.exe -> Downloader.PurityScan.ah : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0052149.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053130.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053131.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053132.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053133.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053134.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053135.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053136.dll -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053137.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053138.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053140.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053141.dll -> Proxy.Small.ct : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053142.dll -> Proxy.Birdihuy.A : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053143.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053144.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053145.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053150.dll -> Downloader.Small.anu : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP447\A0053186.exe -> Downloader.Small.agq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP448\A0053191.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP448\A0053192.exe -> Downloader.Agent.ho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP448\A0053193.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP448\A0053194.exe -> Downloader.Small.bho : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP448\A0053195.exe -> Trojan.LowZones.y : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053279.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053280.exe -> Downloader.Agent.lv : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053281.exe -> Downloader.Small.ayi : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053282.dll -> Downloader.Small.anu : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053283.exe -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053287.dll -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053289.dll -> Spyware.SpywareNo : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053290.dll -> Adware.SpySheriff : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053298.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP454\A0053299.exe -> Downloader.PurityScan.ah : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053307.exe -> Proxy.Lager.x : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053309.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053310.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053311.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053315.exe -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053316.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053318.exe -> Spyware.Zbar : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053320.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053321.exe -> Proxy.Small.ct : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053322.exe -> Dropper.Agent.ro : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053323.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053325.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053326.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053327.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053329.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053332.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053333.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053334.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053335.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053336.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053337.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053338.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053339.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053340.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053341.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053342.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053343.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053344.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053345.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053346.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053347.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053348.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053349.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053350.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053351.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053352.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053353.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053354.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053355.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053356.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053357.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053358.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053359.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053360.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053361.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053362.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053363.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053364.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053365.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053366.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053367.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053368.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053369.exe -> Dialer.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053370.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053371.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053372.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053373.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053374.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053375.exe -> Trojan.Crypt.l : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053376.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053377.exe -> Dropper.Small.zg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053378.exe -> Spyware.Hijacker.Generic : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053379.exe -> Downloader.Small.biq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053380.exe -> Dropper.Small.acg : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053381.exe -> Downloader.Agent.tx : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053382.exe -> Downloader.Small.atl : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053383.exe -> Downloader.Small.atl : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053385.exe -> Downloader.Small.agq : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053386.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053387.exe -> Dropper.Small.acz : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053388.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053389.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053390.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053391.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053392.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053393.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053394.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053395.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053396.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053397.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053398.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053399.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053400.exe -> Dropper.Microjoin : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053405.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053406.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053407.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053415.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053416.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053417.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053430.exe -> Proxy.Delf.t : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053431.exe -> Proxy.Delf.t : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053436.exe -> Trojan.Delf.dt : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053437.exe -> Trojan.Delf.dt : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053438.exe -> Trojan.Delf.dt : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053439.exe -> Trojan.Delf.dt : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053450.DLL -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053451.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053455.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053460.DLL -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053461.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053462.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053470.DLL -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053471.dll -> Proxy.Small.bw : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053475.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\System Volume Information\_restore{F72795BB-6E98-4259-BCCB-E3202552B602}\RP455\A0053478.exe -> Proxy.Agent.gn : Cleaned with backup
   C:\WINDOWS\c9h.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\system32\2en0.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\system32\c9h.sys -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\system32\cjt.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\system32\l10daz.exe -> Trojan.Kolweb.g : Cleaned with backup
   C:\WINDOWS\system32\rti5.dll -> Trojan.Kolweb.f : Cleaned with backup
   C:\WINDOWS\system32\tpy3uj.dll -> Trojan.Kolweb.f : Cleaned with backup


::Report End

like now, when i go to your site i get this popup, i ctrl alt del and this thing dj8.exe keeps opening, i run search for it and delete it but it just makes itself again in seconds. PLEASE help me.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
virus/spyware wont go away
« Reply #1 on: December 11, 2005, 12:26:14 PM »
Sorry for the delay

Can you do the following please
Create a folder for Hijackthis
Eg.. Open MyDocuments>>Right click an empty spot and left click NEW>>FOLDER
Name the new folder
HJT

This will be the new home for Hijackthis, additionally, hijackthis will make backups into that same folder
Next:
I need you to update your version of hijackthis
From my signature below download and save Hijackthis 1.99.1 to that new folder you made
You can delete your version of Hijackthis

Post back a log from this newer version please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline media

  • Newbie
  • *
  • Posts: 32
  • Karma: +0/-0
    • View Profile
virus/spyware wont go away
« Reply #2 on: December 11, 2005, 02:25:46 PM »
Logfile of HijackThis v1.99.1
Scan saved at 11:23:11 AM, on 12/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Danny\My Documents\HJT\hijackthis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe


im not sure if i got it or not, i ran adaware SE, ewido, and cleanup! in safe mode and so far nothing has came back.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
virus/spyware wont go away
« Reply #3 on: December 11, 2005, 02:29:57 PM »
It looks good

Any problems?

For added protections
You should install this free tool
SpywareBlaster 3.4 by JavaCool
*Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
After installation, Check for updates and then click the "Enable all protection"

Check for updates every couple of weeks
after every update just simply click the "enable protection...."

We still have to clean your System restore folders
But I want to make sure you have no other problems
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline media

  • Newbie
  • *
  • Posts: 32
  • Karma: +0/-0
    • View Profile
virus/spyware wont go away
« Reply #4 on: December 11, 2005, 03:18:21 PM »
alright cool, no problems at all so far, i installed spywareblaster and lets clean out my system restore files http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
virus/spyware wont go away
« Reply #5 on: December 11, 2005, 03:29:07 PM »
I see you have/had Apples Ipod software installed
Did you remove it
If you did, I see an orpan service still running
If the above is true
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- iPodService

Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled

Before we clear your system restore folders
I noticed your not running any Anti-Virus software on your computer
Do you need a free solution?
It's not safe browsing without an Active AV running in the background

If you need a free solution
Can you install one of these please

AVG 7 by Grisoft
OR
Avast Home Edition by ALWIL

Only install one, more than one active AV software running on the computer can cause a conflict

After your new AV is installed, make sure it is updated and run a full scan
Let it fix whatever it finds

Reboot the computer afterwards

Come back here and let me know if it finds anything

Then we'll clear those restore points if things are still running smooth
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline media

  • Newbie
  • *
  • Posts: 32
  • Karma: +0/-0
    • View Profile
virus/spyware wont go away
« Reply #6 on: December 11, 2005, 04:24:52 PM »
alright i installed avast and i ran a scan before it opened windows all the way, is it going to do this everytime ? it took forever. now that its running all the time at the bottom in my toolbar, is it going to do random updates and slow down my pc ? or just slow it down in any other way ? well everything is running smooth now, here is a new hjt log just incase u need it

Logfile of HijackThis v1.99.1
Scan saved at 1:23:57 PM, on 12/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Danny\My Documents\HJT\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

tell me what to do next http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
virus/spyware wont go away
« Reply #7 on: December 11, 2005, 04:51:38 PM »
Good work, let's do the following

If everything is running better, please do the following
You should disable system restore>>Reboot your computer>>and then reenable it
This will clear all your restore points and ensure you don't restore any nasties
How to Disable and Re-enable System Restore feature
Make sure you reenble system restore feature

Not sure what you mean by this
Quote
i ran a scan before it opened windows all the way

Can you explain please
Additionally your new Anti-Virus software comes with 6 scanners
Not all you may need running on startup

If you double click on the Avast icon by the clock
The round Icon with the A
It should open Avast
Click on More Details

You may not need all scanners running on startup
But make sure you leave what you need
Here's a link to explain what's running
http://www.avast.com/eng/avast_4_home.html

Take note:
Leave the STANDARD SHIELD running
Also leave Internet Email scanner running
This checks your email for viruses, including Outlook Express client

The Outlook/Exchane scanner, if you don't use Outlook
Not to confuse it with Outlook Express, you can terminate this scanner

P2P scanner, if you don't use File sharing programs, you can shut this down
Instant messaging scanner, again, if you don't use Instant messenger you can terminate this
I see you have AIM installed, you may want to leave this one running

A good habit, anything you download from the internet
Save to disk and then right click on it and scan with Avast before opening it

The updater>>>I would leave the default settings
This includes
On  bootup, Avast will call home and search for updates
If there are new definition file updates it will install them automatically
If there are program updates it will prompt you to install them

That doesn't happen on every bootup
I believe it's set by time interval
You can set the interval by right click the avast icon and click on Programs setting
Update>>>Details

Don't forget to register your product
They will email you a reg. number that you copy and paste to Avast
I think this is pasted to
Right click the Avast icon and left click About Avast

Now that we're sure your clean
You should also consider updating to Service pack 2
Beforehand
If you haven't run a Disk Defragment on your computer for awhile, now would be a good time

Then install SP2 to get the latest updates and keep your system secure
Read this link
http://www.microsoft.com/windowsxp/sp2/default.mspx

Stay safe  http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline media

  • Newbie
  • *
  • Posts: 32
  • Karma: +0/-0
    • View Profile
virus/spyware wont go away
« Reply #8 on: December 11, 2005, 06:28:38 PM »
i meant to put, IT ran a scan when windows was starting up, i was just hoping it didnt do that everytime but i guess it was just for the first time. its cool. i changed the avast! settings and i turned off the restore, rebooted, and turned it back on. everything is still running perfect and now im protected in the future! thanks for everything, if i ever get another problem i will be sure to post a new thread! you guys are awesome, merry xmas http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\':D\' />
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
virus/spyware wont go away
« Reply #9 on: December 11, 2005, 06:40:43 PM »
Merry xmas to you too media


Take care
I'll lock this topic as your problems are resolved
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »