SMiller

  1. Mr. C - WOW! That sucks. I will present her with the options and let you know. I tried to use the Network Connections folder to disconnect, but it would not let me so I unplugged their modem. Had to plug it back in as I needed to respond to this message. I will unplug it till I know what she has decided to do. Thx.
  2. Mr. C.- Hope you had a nice Thanksgiving. If you don't want to work on this today and resume tomorrow, just let me know. No worries. Here is the RK Log:
  3. Mr. Charlie, I will be able to get to work on your instructions tomorrow. Thanks for getting back with me so quickly.
  4. Hi, this post is to try and help a friend with an unknown virus. (I will be with her over the next several weeks so I will be able to access her computer as necessary. I instructed her to leave it alone until I can get this fixed.) She has Malwarebytes and Avira Free running. Malwarebytes located 161 malicious entries several days ago and was down to 0 detections. The previous 161 were mostly associated with "Gaming Wonderland". Don't know what that is and they haven't downloaded anything recently to account for this. Latest detection from Avira is "TR/Tracur.A.2167". I ran DDS. Here are the logs: DDS: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_35 Run by user at 17:40:11 on 2013-11-26 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.393 [GMT -8:00] . AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes ================ . 
C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Common Files\BeFrugal.com\Toolbar\befrgl.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\BeFrugal.com\Toolbar\BFHP.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Everything\Everything.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\msdtc.exe C:\Program Files\Common Files\Java\Java Update\jucheck.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k 
LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\svchost.exe -k HTTPFilter . ============== Pseudo HJT Report =============== . uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" BHO: BeFrugalIEHelper: {2335A057-CBA6-40F6-A712-C6A7C98F7813} - c:\program files\common files\befrugal.com\toolbar\BFTB.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: GamingWonderland: {A899079D-206F-43A6-BE6A-07E0FA648EA0} - TB: BeFrugal.com Toolbar: {5BA2C4EE-42EF-4E2D-88BE-7271AE4E35B7} - c:\program files\common files\befrugal.com\toolbar\BFTB.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: GamingWonderland: {a899079d-206f-43a6-be6a-07e0fa648ea0} - uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [scansoft] rundll32 "c:\documents and settings\user\local settings\application data\identities\scansoft\gged.dll",DllRegisterServer mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe 
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [Everything] "c:\program files\everything\Everything.exe" -startup mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe" mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe" mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini" mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun dRun: [scansoft] rundll32 "c:\documents and settings\user\local settings\application data\identities\scansoft\gged.dll",DllRegisterServer StartupFolder: c:\docume~1\user\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-DisallowRun: 1 = avnotify.exe mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: &Search - 
http://buttons.gamingwonderland.com/one-toolbaredits/menusearch.jhtml?s=100000425&p2=^Z7^xdm621^YYA^us&si=4721&a=EB453169-5CBA-4D6D-B281-6B0966936191&n=2013102415&cv=1 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: mswsock.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{1BBCC11C-8602-4C84-A7A6-8C1E926C19D6} : DHCPNameServer = 192.168.1.1 Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 214696] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-8-29 36000] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-8-29 86224] R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-8-29 110032] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-8-29 83392] R2 BeFrugal.com Service;BeFrugal.com Service;c:\program files\common files\befrugal.com\toolbar\befrgl.exe [2013-8-11 346960] S0 cerc6;cerc6; [x] . =============== File Associations =============== . ShellExec: regsvr32.exe: RegDLL=regsvr32 %1 ShellExec: regsvr32.exe: UnRegDLL=regsvr32 /u %1 . =============== Created Last 30 ================ . 
2013-11-23 04:23:45 -------- d-----w- c:\documents and settings\all users\application data\Cisco Systems 2013-11-22 19:54:57 7772552 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{faf85374-2359-4ebc-a901-c4974e021cd8}\mpengine.dll 2013-11-21 11:18:06 7772552 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-11-06 22:13:57 -------- d-----w- c:\documents and settings\user\application data\VirtualStore . ==================== Find3M ==================== . 2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe 2013-10-30 21:59:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-10-30 21:59:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-10-13 07:25:38 920064 ----a-w- c:\windows\system32\wininet.dll 2013-10-13 07:25:08 43520 ------w- c:\windows\system32\licmgr10.dll 2013-10-13 07:25:02 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-10-13 07:24:17 18944 ----a-w- c:\windows\system32\corpol.dll 2013-10-13 06:57:59 385024 ------w- c:\windows\system32\html.iec 2013-10-12 15:56:19 278528 ----a-w- c:\windows\system32\oakley.dll 2013-10-09 13:12:48 287744 ----a-w- c:\windows\system32\gdi32.dll 2013-10-07 10:59:21 603136 ----a-w- c:\windows\system32\crypt32.dll 2013-10-05 01:14:01 7168 ----a-w- c:\windows\system32\xpsp4res.dll 2013-09-27 17:53:06 214696 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-17 11:47:38 4024320 ----a-w- c:\program files\GUT2.tmp . ============= FINISH: 17:46:21.76 =============== Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 8/17/2012 4:46:36 AM System Uptime: 11/26/2013 4:44:32 PM (1 hours ago) . Motherboard: Dell Inc. 
| | 0RF703 Processor: Intel® Pentium® D CPU 3.00GHz | Microprocessor | 2992/800mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 74 GiB total, 22.27 GiB free. D: is CDROM () E: is FIXED (FAT32) - 466 GiB total, 127.595 GiB free. F: is Removable G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP585: 11/24/2013 3:43:21 PM - System Checkpoint RP586: 11/25/2013 3:48:17 PM - System Checkpoint RP587: 11/26/2013 3:56:27 PM - System Checkpoint . ==== Installed Programs ====================== . 7-Zip 9.20 Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.8) Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update Avira Free Antivirus BeFrugal.com Toolbar Blues Clues School Bonjour Broadcom Gigabit Integrated Controller Brother MFL-Pro Suite MFC-790CW CasinoSplendido Compatibility Pack for the 2007 Office system ConvertXtoDVD 4.0.9.322 Disney Tangled Everything 1.2.1.371 foobar2000 v1.1.13 Google Earth Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) ImgBurn Intel® Graphics Media Accelerator Driver iTunes Java Auto Updater Java 6 Update 35 JNLP JS3DPreSchool JSWPFCom JSWPFGrade1 JSWPFGrade2 JSWPFGradeK JumpStart 3D Ages 3-5 JumpStart 3D Ages 4-6 JumpStart 3D Ages 5-7 JumpStart 3D Ages 6-8 Las Vegas Super Casino Magic ISO Maker v5.5 (build 0281) MagicDisc 2.7.106 Malwarebytes Anti-Malware version 1.75.0.1300 Media Player 
Codec Pack 3.9.6 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office Standard Edition 2003 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 Essentials neroxml OpenOffice.org 3.4 PaperPort Image Printer Picasa 3 PowerDVD DX QuickTime SAMSUNG Intelli-studio ScanSoft PaperPort 11 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB2792100) Security Update for Windows Internet Explorer 8 (KB2797052) Security Update for Windows Internet Explorer 8 (KB2799329) Security 
Update for Windows Internet Explorer 8 (KB2809289) Security Update for Windows Internet Explorer 8 (KB2817183) Security Update for Windows Internet Explorer 8 (KB2829530) Security Update for Windows Internet Explorer 8 (KB2838727) Security Update for Windows Internet Explorer 8 (KB2846071) Security Update for Windows Internet Explorer 8 (KB2847204) Security Update for Windows Internet Explorer 8 (KB2862772) Security Update for Windows Internet Explorer 8 (KB2870699) Security Update for Windows Internet Explorer 8 (KB2879017) Security Update for Windows Internet Explorer 8 (KB2888505) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB2834904-v2) Security Update for Windows Media Player (KB2834904) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security 
Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2497640) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for 
Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2753842) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2761226) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2778344) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB2780091) Security Update for Windows XP (KB2799494) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2808735) Security Update for Windows XP (KB2813170) Security Update for Windows XP (KB2813345) Security Update for Windows XP (KB2820197) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2829361) Security Update for Windows XP (KB2834886) Security Update for Windows XP (KB2839229) Security Update for Windows XP (KB2845187) Security Update for Windows XP (KB2847311) Security Update for Windows XP (KB2849470) Security Update for Windows XP (KB2850851) Security Update for Windows XP (KB2850869) Security Update for Windows XP (KB2859537) Security Update for Windows XP (KB2862152) Security Update for Windows XP (KB2862330) Security Update for Windows XP (KB2862335) Security Update for Windows XP (KB2864063) Security Update for Windows XP (KB2868626) Security Update for Windows XP (KB2876217) Security Update for Windows XP (KB2876315) Security Update for Windows XP (KB2876331) Security Update for Windows XP (KB2883150) Security Update for Windows XP (KB2900986) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) 
Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) SoundMAX swMSM TeamViewer 7 Unity Web Player Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update 
for Windows Internet Explorer 8 (KB2447568) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB2863058) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VCRedistSetup VLC media player 2.0.3 WebFldrs XP Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 WinPalace
.
==== Event Viewer Messages From Past Week ========
.
11/25/2013 5:29:12 PM, error: VolSnap [12] - The shadow copy of volume C: became low on diff area space before it was properly installed.
11/24/2013 5:15:59 PM, error: Service Control Manager [7034] - The BeFrugal.com Service service terminated unexpectedly. It has done this 1 time(s).
11/23/2013 11:36:58 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
11/23/2013 11:36:58 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/23/2013 11:36:56 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
11/23/2013 11:34:59 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
11/23/2013 11:08:17 AM, error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: The file can not be accessed by the system.
11/23/2013 11:08:04 AM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
11/22/2013 8:46:28 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
11/22/2013 8:46:22 PM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 0019B92290D4 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

Any help is greatly appreciated.
  5. DK, Thanks again. I will look it over to see what I need to do. When I had my new hard drive put in, they only made it 80Gb. The actual drive is 160Gb. Will re-formatting allow me access to all 160Gb? Probably not your area, but thought I'd ask. Lastly, what anti-virus, firewall, and malware programs should I put on after I re-format? As you already know, I have Avira, MS Firewall (I think), and Malwarebytes. Any other suggestions so that this doesn't happen to me again? I know that nothing is 100%, but whatever I have been using is NOT working. Thanks for all the help. We tried. I would buy a new laptop if I could afford one, but I just can't right now. -Scott
  6. DK, WOW!! I did not realize my computer was so f--, uh, screwed up! I stopped downloading with p2p programs over 2 yrs ago. Not sure how I got hit but thanks for telling me. I think re-formatting is probably my best option. I am not sure if that is something I can do myself or if I am better off paying someone to do it. I do have my Windows XP disc, but have never re-formatted before. Your thoughts? Thx. -Scott
  7. KRD_10 Log (cont'd): 11/20/12 12:53 PM Untreated:
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mr310exd.dll Postponed 11/20/12 12:53 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mr310exd.dll 11/20/12 12:53 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mr310ipv.dll Postponed 11/20/12 12:53 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mr310ipv.dll 11/20/12 12:53 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MPG4DECD.dll Postponed 11/20/12 12:53 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MPG4DECD.dll 11/20/12 12:53 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mp4sdecd.dll Postponed 11/20/12 12:53 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mp4sdecd.dll 11/20/12 12:53 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MP43DECD.dll Postponed 11/20/12 12:53 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MP43DECD.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MFPLAT.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MFPLAT.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/migpwd.exe Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/migpwd.exe 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71u.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71u.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mdmxsdk.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mdmxsdk.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/LMOUSE32.DLL Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/LMOUSE32.DLL 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/lmoufrc.dll Postponed 11/20/12 
12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/lmoufrc.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/libdivx.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/libdivx.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jscript(2).dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jscript(2).dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsh400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsh400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsd400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsd400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgpl400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgpl400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgaw400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgaw400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgmd400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgmd400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgdw400.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgdw400.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_32.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_32.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qcx.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qcx.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qc.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc 
C:/WINDOWS/system32/ir50_qc.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir32_32.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir32_32.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir41_qcx.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir41_qcx.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/InsDrvZD.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/InsDrvZD.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/INKED.DLL Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/INKED.DLL 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ijl15.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ijl15.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/imapi2fs.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/imapi2fs.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieui.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieui.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieudinit.exe Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieudinit.exe 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/idndl.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/idndl.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieapfltr.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieapfltr.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/hypertrm.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/hypertrm.dll 11/20/12 12:52 PM Untreated: 
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_vfw.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_vfw.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_mpeg2enc.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_mpeg2enc.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/drmupgds.exe Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/drmupgds.exe 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpv11.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpv11.dll 11/20/12 12:52 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpl100.dll Postponed 11/20/12 12:52 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpl100.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx16.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx16.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx11.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx11.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx0a.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx0a.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/devil.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/devil.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/COMNCTR.DLL Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/COMNCTR.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNMLM7W.DLL Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNMLM7W.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCLSI20.DLL Postponed 
11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCLSI20.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cncilsc.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cncilsc.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCC6500.DLL Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCC6500.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCI6500.DLL Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCI6500.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cliconfg.exe Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cliconfg.exe 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cdintf250.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cdintf250.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/audiodev.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/audiodev.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atl71.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atl71.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ativcoxx.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ativcoxx.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atipdlxx.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atipdlxx.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ATIDDC.DLL Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ATIDDC.DLL 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2sgag.exe Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc 
C:/WINDOWS/system32/ati2sgag.exe 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.exe Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.exe 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.dll Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.dll 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2edxx.dll Postponed 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/advpack(3).dll Postponed 11/20/12 12:51 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/agrsmdel.exe Postponed 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2edxx.dll 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/agrsmdel.exe 11/20/12 12:51 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/advpack(3).dll 11/20/12 12:35 PM Processing error C:/System Volume Information/_restore{E6C92DD5-2293-4E7E-A87E-7776BBF2347F}(2)/RP117(2)/A0085898.ini Read error 11/20/12 12:25 PM Processing error C:/System Volume Information/_restore{E6C92DD5-2293-4E7E-A87E-7776BBF2347F}/RP14/A0023848.ini Read error 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local 
Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact 
Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 10:47 AM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/10.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/20/12 10:47 AM Detected: 
11/20/12 10:30 AM Task started
Objects Scan: malfunction (events: 1, objects: 0, time: Unknown)
11/25/12 2:08 PM Task started
Objects Scan: malfunction (events: 1, objects: 0, time: Unknown)
11/25/12 4:13 PM Task started
Objects Scan: completed 8 minutes ago (events: 18, objects: 668770, time: 02:48:21)
11/25/12 11:55 PM Task completed
11/25/12 9:07 PM Task started

FRST Log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2012 02 (ATTENTION: FRST version is 16 days old)
Ran by Rob at 26-11-2012 00:12:42
Running from C:\Documents and Settings\Rob\Desktop
Service Pack 3 (X86) OS Language: English(US)
Attention: Could not load system hive. Error: The process cannot access the file because it is being used by another process.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
C:\Windows\System32\mshtmled(2).dll 2012-11-20 05:17 - 2006-03-03 19:33 - 00262656 ____A (Microsoft Corporation) C:\Windows\System32\msrating(2).dll 2012-11-20 05:17 - 2005-01-26 10:48 - 00135168 ____A (Mars Semiconductor Corp.) C:\Windows\System32\mr310ipv.dll 2012-11-20 05:17 - 2004-08-04 02:00 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu(3).dll 2012-11-20 05:17 - 2004-08-04 02:00 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\migpwd.exe 2012-11-20 05:17 - 2004-08-04 02:00 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\odbcbcp.dll 2012-11-20 05:17 - 2003-03-18 21:12 - 01108992 ____A (Microsoft Corporation) C:\Windows\System32\mfc71u.dll 2012-11-20 05:17 - 2003-02-21 04:42 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll 2012-11-20 05:17 - 2001-10-12 09:58 - 00090112 ____A () C:\Windows\System32\mr310exd.dll 2012-11-20 05:16 - 2010-04-17 18:26 - 00527360 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll 2012-11-20 05:16 - 2008-11-06 08:35 - 01118208 ____A (The OpenSSL Project, http://www.openssl.org/) C:\Windows\System32\libdivx.dll 2012-11-20 05:16 - 2008-09-12 11:45 - 00143360 ____A (Conexant) C:\Windows\System32\mdmxsdk.dll 2012-11-20 05:16 - 2007-12-20 22:21 - 00233984 ____A (Logitech Inc.) C:\Windows\System32\lmoufrc.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00849408 ____A (Intel Corporation) C:\Windows\System32\ir50_32.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\jscript(2).dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00403968 ____A (Intel Corporation.) C:\Windows\System32\ir41_qcx.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00261632 ____A (Intel Corporation.) C:\Windows\System32\ir50_qc.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00260608 ____A C:\Windows\System32\ir32_32.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00245248 ____A (Intel Corporation.) 
C:\Windows\System32\ir50_qcx.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00237568 ____A (America Online) C:\Windows\System32\jgdw400.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00131072 ____A (Johnson-Grace Company) C:\Windows\System32\jgsh400.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00107008 ____A (America Online) C:\Windows\System32\jgsd400.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00105984 ____A (Johnson-Grace Company) C:\Windows\System32\jgaw400.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00097280 ____A (Johnson-Grace Company) C:\Windows\System32\jgmd400.dll 2012-11-20 05:16 - 2004-08-04 02:00 - 00089088 ____A (Johnson-Grace Company) C:\Windows\System32\jgpl400.dll 2012-11-20 05:16 - 2003-03-18 23:20 - 01118208 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll 2012-11-20 05:15 - 2011-10-20 15:26 - 00151552 ____A (DivX, Inc.) C:\Windows\System32\dpl100.dll 2012-11-20 05:15 - 2010-02-19 11:27 - 00909312 ____A (DivX, Inc.) C:\Windows\System32\divx_xx0a.dll 2012-11-20 05:15 - 2010-02-19 11:27 - 00905216 ____A (DivX, Inc.) C:\Windows\System32\divx_xx16.dll 2012-11-20 05:15 - 2010-02-19 11:27 - 00901120 ____A (DivX, Inc.) C:\Windows\System32\divx_xx11.dll 2012-11-20 05:15 - 2008-12-17 09:22 - 00122880 ____A C:\Windows\System32\ff_vfw.dll 2012-11-20 05:15 - 2008-12-08 18:28 - 00114688 ____A (DivXNetworks) C:\Windows\System32\dpv11.dll 2012-11-20 05:15 - 2007-11-27 18:59 - 00408576 ____A (Hilgraeve, Inc.) 
C:\Windows\System32\hypertrm.dll 2012-11-20 05:15 - 2007-08-13 18:54 - 00225792 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-11-20 05:15 - 2007-08-13 18:39 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\ieudinit.exe 2012-11-20 05:15 - 2007-07-11 12:27 - 00511488 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2012-11-20 05:15 - 2006-10-18 20:00 - 00311296 ____A (Microsoft Corporation) C:\Windows\System32\drmupgds.exe 2012-11-20 05:15 - 2006-06-29 08:05 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\idndl.dll 2012-11-20 05:15 - 2004-10-03 09:50 - 00190464 ____A C:\Windows\System32\ff_mpeg2enc.dll 2012-11-20 05:15 - 2001-05-29 23:00 - 00409600 ____A (Intel Corporation) C:\Windows\System32\ijl15.dll 2012-11-20 05:14 - 2008-10-01 13:21 - 00110592 ____A (Canon Inc.) C:\Windows\System32\cncilsc.dll 2012-11-20 05:14 - 2008-06-12 10:50 - 02007040 ____A (Amyuni Technologies 2012-11-20 05:14 - 2007-11-27 19:44 - 00581632 ____A () C:\Windows\System32\ati2sgag.exe 2012-11-20 05:14 - 2007-11-27 19:44 - 00126464 ____A (Agere Systems) C:\Windows\System32\agrsmdel.exe 2012-11-20 05:14 - 2007-11-27 19:42 - 00458752 ____A (ATI Technologies Inc.) C:\Windows\System32\ati2evxx.exe 2012-11-20 05:14 - 2007-11-27 19:42 - 00172032 ____A (ATI Technologies, Inc.) C:\Windows\System32\atipdlxx.dll 2012-11-20 05:14 - 2007-11-27 19:42 - 00111616 ____A (ATI Technologies Inc.) C:\Windows\System32\ati2evxx.dll 2012-11-20 05:14 - 2007-11-27 19:42 - 00101376 ____A (ATI Technologies, Inc.) C:\Windows\System32\ati2edxx.dll 2012-11-20 05:14 - 2007-11-27 19:42 - 00085504 ____A (ATI Technologies, Inc.) 
C:\Windows\System32\ativcoxx.dll 2012-11-20 05:14 - 2006-10-18 21:47 - 00342528 ____A (Microsoft Corporation) C:\Windows\System32\audiodev.dll 2012-11-20 05:14 - 2004-08-04 02:00 - 00239616 ____A (Microsoft Corporation) C:\Windows\System32\advpack(3).dll 2012-11-20 05:14 - 2004-08-04 02:00 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\cliconfg.exe 2012-11-20 05:14 - 2004-05-26 04:37 - 00781312 ____A (Abysmal Software) C:\Windows\System32\devil.dll 2012-11-20 05:14 - 2003-03-18 21:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\atl71.dll 2012-11-20 05:13 - 2007-11-27 21:07 - 00143360 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\ZDPN50.dll 2012-11-20 05:13 - 2007-11-27 21:07 - 00143360 ____A (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\System32\ZDBRGDLL.dll 2012-11-20 05:13 - 2007-11-27 21:07 - 00081920 ____A () C:\Windows\System32\ZyDelReg.exe 2012-11-20 05:13 - 2007-08-13 18:45 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\WinFXDocObj.exe 2012-11-20 05:13 - 2006-10-18 21:47 - 02664448 ____A (Microsoft Corporation) C:\Windows\System32\WpdShext.dll 2012-11-20 05:13 - 2006-10-18 21:47 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.dll 2012-11-20 05:13 - 2006-10-18 21:47 - 00722432 ____A (Microsoft Corporation) C:\Windows\System32\WMVXENCD.dll 2012-11-20 05:13 - 2006-10-18 21:47 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll 2012-11-20 05:13 - 2006-09-28 18:56 - 00377856 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll 2012-11-20 05:13 - 2006-09-28 18:56 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\WudfPlatform.dll 2012-11-20 05:13 - 2006-09-28 18:56 - 00211968 ____A (Microsoft Corporation) C:\Windows\System32\WudfHost.exe 2012-11-20 05:12 - 2008-11-29 12:26 - 01073152 ____A (Gabest) C:\Windows\System32\VSFilter.dll 2012-11-20 05:12 - 2006-10-18 21:47 - 01640448 ____A (Microsoft Corporation) 
C:\Windows\System32\WMVENCOD.dll 2012-11-20 05:12 - 2006-10-18 21:47 - 00260608 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceWMDRM.dll 2012-11-20 05:12 - 2006-10-18 21:47 - 00197632 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceWiaCompat.dll 2012-11-20 05:12 - 2006-10-18 21:47 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceClassExtension.dll 2012-11-20 05:12 - 2004-09-16 01:00 - 00143360 ____A (Sonic Solutions) C:\Windows\System32\UMLoader.dll 2012-11-20 05:12 - 2003-01-04 21:09 - 00188416 ____A (Intel Corporation) C:\Windows\System32\Prounstl.exe 2012-11-20 05:12 - 2002-08-21 05:13 - 00255488 ____A (Microsoft Corporation) C:\Windows\System32\WISPTIS.EXE 2012-11-20 05:12 - 2000-04-03 17:52 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\RDOCURS.DLL 2012-11-20 05:12 - 1999-11-24 17:40 - 00131072 ____A (Microsoft Corporation) C:\Windows\System32\VBAME.DLL 2012-11-20 05:11 - 2008-10-01 13:21 - 00167936 ____A (Canon Inc.) C:\Windows\System32\CNCLSI20.DLL 2012-11-20 05:11 - 2008-01-28 15:45 - 00259072 ____A (CANON INC.) C:\Windows\System32\CNMLM7W.DLL 2012-11-20 05:11 - 2007-12-20 22:21 - 00166400 ____A (Logitech Inc.) C:\Windows\System32\COMNCTR.DLL 2012-11-20 05:11 - 2007-12-20 22:21 - 00078336 ____A (Logitech, Inc.) C:\Windows\System32\LMOUSE32.DLL 2012-11-20 05:11 - 2007-11-27 21:07 - 00086016 ____A () C:\Windows\System32\InsDrvZD.dll 2012-11-20 05:11 - 2007-11-27 19:42 - 00131072 ____A (ATI Technologies, Inc.) 
C:\Windows\System32\Oemdspif.dll 2012-11-20 05:11 - 2006-10-18 21:47 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\MPG4DECD.dll 2012-11-20 05:11 - 2006-10-18 21:47 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\MP43DECD.dll 2012-11-20 05:11 - 2006-10-18 21:47 - 00274432 ____A (Microsoft Corporation) C:\Windows\System32\MFPLAT.dll 2012-11-20 05:11 - 2002-08-21 05:10 - 00266240 ____A (Microsoft Corporation) C:\Windows\System32\INKED.DLL 2012-11-20 05:11 - 2000-05-11 13:06 - 00454656 ____A (Microsoft Corporation) C:\Windows\System32\MSRDO20.DLL 2012-11-20 05:10 - 2008-10-01 13:21 - 00270336 ____A (CANON INC.) C:\Windows\System32\CNCC6500.DLL 2012-11-20 05:10 - 2008-10-01 13:21 - 00131072 ____A (CANON INC.) C:\Windows\System32\CNCI6500.DLL 2012-11-20 05:10 - 2007-11-27 19:42 - 00122880 ____A ( ATI Technologies Inc.) C:\Windows\System32\ATIDDC.DLL 2012-11-19 16:49 - 2012-11-19 16:01 - 00001908 ____A C:\Windows\pzbfq.oaw 2012-11-19 16:47 - 2012-11-18 16:12 - 00204907 ____A C:\Windows\naedt.lon 2012-11-19 16:47 - 2012-11-18 16:12 - 00022376 ____A C:\Windows\juhvr.ady 2012-11-19 16:30 - 2012-11-18 20:27 - 00049079 ____A C:\Windows\rhz.wvk 2012-11-19 16:21 - 2012-11-19 16:21 - 00167721 ____A C:\Windows\bqonge.bvw 2012-11-19 16:20 - 2012-11-19 16:01 - 00168562 ____A C:\Windows\dmpxpam.ncr 2012-11-19 16:20 - 2012-11-19 16:00 - 00058745 ____A C:\Windows\isguoi.dhl 2012-11-19 16:01 - 2012-11-19 16:00 - 00285926 ____A C:\Windows\htqfg.vmj 2012-11-19 16:01 - 2012-11-19 16:00 - 00243551 ____A C:\Windows\caoyta.gae 2012-11-18 20:29 - 2012-11-18 20:29 - 00403315 ____A C:\Windows\csmyoc.jxd 2012-11-18 20:29 - 2012-11-18 20:29 - 00351268 ____A C:\Windows\mlow.vbq 2012-11-18 20:29 - 2012-11-18 20:29 - 00204059 ____A C:\Windows\ibu.ufa 2012-11-17 22:45 - 2012-11-17 22:45 - 00004858 ____A C:\Documents and Settings\Rob\Desktop\SystemLook 11-17-12.txt 2012-11-17 22:45 - 2012-11-16 17:25 - 00004856 ____A C:\Documents and Settings\Rob\Desktop\SystemLook.txt 
2012-11-16 17:25 - 2012-11-16 17:25 - 00139264 ____A C:\Documents and Settings\Rob\Desktop\SystemLook.scr 2012-11-16 12:44 - 2012-11-16 12:42 - 00007100 ____A C:\Windows\KB2761226.log 2012-11-16 12:44 - 2012-11-16 12:42 - 00006580 ____A C:\Windows\KB2727528.log 2012-11-16 12:42 - 2007-11-27 19:05 - 00000000 ____D C:\Windows\$hf_mig$ 2012-11-15 20:49 - 2012-11-15 20:49 - 00002384 ____A C:\Documents and Settings\Rob\Desktop\Rkill 11-15-12.txt 2012-11-14 19:31 - 2012-11-14 19:31 - 00000409 ____A C:\Documents and Settings\Rob\Desktop\RegistryFix.reg 2012-11-13 22:03 - 2012-11-13 22:03 - 00004204 ____A C:\Documents and Settings\Rob\Desktop\RKreport[4]_D_11132012_02d2203.txt 2012-11-13 22:03 - 2012-11-07 13:02 - 00000000 ____D C:\Documents and Settings\Rob\Desktop\RK_Quarantine 2012-11-13 22:02 - 2012-11-13 22:02 - 00004289 ____A C:\Documents and Settings\Rob\Desktop\RKreport[3]_S_11132012_02d2202.txt 2012-11-12 17:45 - 2012-11-12 17:45 - 00003926 ____A C:\Documents and Settings\Rob\Desktop\RKreport[2]_S_11122012_02d1745.txt 2012-11-10 21:05 - 2012-11-10 21:05 - 00005604 ____A C:\Windows\KB2712808.log 2012-11-10 21:05 - 2012-11-10 21:04 - 00006032 ____A C:\Windows\KB2731847-v2.log 2012-11-10 21:05 - 2012-11-10 21:04 - 00005848 ____A C:\Windows\KB2724197.log 2012-11-10 21:05 - 2012-11-10 21:02 - 00005352 ____A C:\Windows\KB2749655.log 2012-11-10 21:05 - 2012-11-10 21:02 - 00005348 ____A C:\Windows\KB2705219-v2.log 2012-11-10 21:04 - 2012-11-10 21:02 - 00005255 ____A C:\Windows\KB2661254-v2.log 2012-11-10 21:02 - 2012-07-10 13:46 - 00009346 ____A C:\Windows\KB2691442.log 2012-11-10 21:02 - 2012-07-10 13:46 - 00009246 ____A C:\Windows\KB2655992.log 2012-11-10 21:02 - 2012-07-10 13:45 - 00009122 ____A C:\Windows\KB2719985.log 2012-11-10 21:01 - 2012-05-10 14:59 - 00013565 ____A C:\Windows\KB2676562.log 2012-11-10 20:53 - 2012-11-26 00:11 - 00908066 ____A (Farbar) C:\Documents and Settings\Rob\Desktop\FRST.scr 2012-11-10 20:05 - 2012-11-10 20:05 - 00004670 ____A C:\Documents 
and Settings\Rob\Desktop\RKreport[1]_S_11102012_02d2005.txt 2012-11-09 01:15 - 2012-08-17 00:50 - 00000000 ____D C:\Documents and Settings\Rob\Desktop\ALL VIRUS BS 2012-11-09 00:27 - 2012-11-09 00:27 - 00008224 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT 2012-11-09 00:18 - 2012-11-08 23:24 - 00000530 ____A C:\Documents and Settings\Rob\Desktop\VirusTotal Analysis 1.txt 2012-11-08 23:44 - 2007-11-27 10:51 - 00528920 ___AC C:\Windows\System32\PerfStringBackup.INI 2012-11-08 20:14 - 2012-11-08 20:14 - 00004078 ____A C:\Documents and Settings\Rob\Desktop\Rkill 11-8-12 20.07.43.txt 2012-11-08 15:59 - 2012-11-08 15:59 - 01754528 ____A (Bleeping Computer, LLC) C:\Documents and Settings\Rob\Desktop\rkill.scr 2012-11-08 11:43 - 2012-11-08 11:43 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\99718478.sys 2012-11-08 11:43 - 2012-11-08 11:43 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\64508186.sys 2012-11-07 23:25 - 2012-11-07 23:25 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\31255700.sys 2012-11-07 23:23 - 2012-11-07 23:23 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\00155280.sys 2012-11-07 23:16 - 2012-11-07 23:16 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\59382407.sys 2012-11-07 23:16 - 2012-11-07 23:16 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\54066471.sys 2012-11-07 23:15 - 2012-11-07 23:15 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\28443356.sys 2012-11-07 23:15 - 2012-11-07 23:15 - 00177496 ____A (Kaspersky Lab, GERT) C:\Windows\System32\Drivers\23847152.sys 2012-11-07 16:33 - 2012-11-07 16:33 - 00000000 ____A C:\Documents and Settings\Rob\My Documents\Default.PLS 2012-11-07 12:49 - 2012-11-07 12:49 - 00688901 ____R (Swearware) C:\Documents and Settings\Rob\Desktop\DDS.com 2012-11-07 12:45 - 2012-11-07 12:45 - 05345318 ____A C:\Documents and Settings\Rob\Desktop\Windows Repair.exe 2012-11-07 12:42 - 2012-11-07 
12:42 - 00662016 ____A C:\Documents and Settings\Rob\Desktop\RogueKiller.scr 2012-11-06 13:42 - 2012-11-06 13:42 - 00000140 ____A C:\Documents and Settings\Rob\My Documents\Shockwave Puzzle Web Address (chg for diff puzzles).txt 2012-11-04 22:08 - 2012-11-04 21:03 - 00000034 ____A C:\Documents and Settings\Rob\Application Data\mbam.context.scan 2012-11-04 21:02 - 2007-12-06 11:10 - 00000000 ___AC C:\Windows\Explorer.EXE.Z-missing.txt 2012-11-04 20:47 - 2008-08-11 15:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2012-11-04 10:38 - 2010-12-09 12:46 - 00000000 ____D C:\Documents and Settings\Rob\Application Data\vlc 2012-11-02 14:52 - 2009-02-20 16:33 - 00089680 ____A (Microsoft Corporation) C:\Documents and Settings\Rob\MSSSerif120.fon 2012-10-31 21:49 - 2012-11-07 23:06 - 02213976 ____A (Kaspersky Lab ZAO) C:\Documents and Settings\Rob\Desktop\TDSSKiller.exe 2012-10-31 13:17 - 2012-08-14 21:20 - 00000794 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk 2012-10-31 13:13 - 2010-05-19 18:48 - 00000000 ____D C:\Windows\System32\NtmsData 2012-10-31 12:51 - 2012-02-20 20:28 - 00002904 ____A C:\Windows\DtcInstall.log 2012-10-31 12:51 - 2007-11-27 19:01 - 00000000 ____D C:\Windows\Registration 2012-10-29 23:50 - 2011-11-19 20:36 - 00000564 ____A C:\rkill.log 2012-10-28 21:59 - 2012-10-28 22:00 - 00029184 ____A C:\Documents and Settings\Rob\My Documents\Player Rating Form (Coaches).xlsx 2012-10-28 20:49 - 2010-03-06 18:41 - 00000000 ____D C:\Documents and Settings\Rob\Application Data\IObit 2012-10-28 20:44 - 2011-06-01 22:33 - 00000000 ____D C:\found.000 2012-10-28 20:42 - 2010-04-17 15:47 - 00000000 ____D C:\Program Files\ConvertXtoDVD 2012-10-28 20:42 - 2008-08-14 20:19 - 00000000 ____D C:\Documents and Settings\Rob\My Documents\Payments to Richard McKnight 2012-10-28 20:42 - 2007-11-29 18:01 - 00000000 ____D C:\Documents and Settings\Rob\My Documents\Nasty Cigars Docs ==================== Bamital & volsnap Check 
================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points (XP) ===================== ==================== Memory info =========================== Percentage of memory in use: 45% Total physical RAM: 1022.98 MB Available physical RAM: 558.56 MB Total Pagefile: 1693.66 MB Available Pagefile: 1366.81 MB Total Virtual: 2047.88 MB Available Virtual: 1996.52 MB ==================== Partitions ============================= 1 Drive c: (New Volume) (Fixed) (Total:74.52 GB) (Free:10.15 GB) NTFS 5 Drive j: () (Removable) (Total:7.47 GB) (Free:1.64 GB) FAT32 Disk ### Status Size Free Dyn Gpt -------- ---------- ------- ------- --- --- Disk 0 Online 149 GB 75 GB Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 75 GB 32 KB ========================================================= Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C New Volume NTFS Partition 75 GB Healthy System (partition with boot components) ========================================================= ==================== End Of Log ============================
  8. DK, It took me 3 more burned CDs and several attempts, but I FINALLY got KRD_10 to run. Cleaned both infected files then had to delete them as the disinfecting didn't work. Was positive going into the reboot, but I STILL HAVE FREECELL POPPING UP. Ran FRST and here are the two logs you requested: KRD_10 Log:
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MFPLAT.dll Postponed 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/migpwd.exe Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/MFPLAT.dll 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/migpwd.exe 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71u.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71u.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mfc71.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mdmxsdk.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/mdmxsdk.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/lmoufrc.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/lmoufrc.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/libdivx.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/libdivx.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/LMOUSE32.DLL Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/LMOUSE32.DLL 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jscript(2).dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jscript(2).dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsh400.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsh400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsd400.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgsd400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgaw400.dll Postponed 11/19/12 7:25 PM Detected: 
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgaw400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgpl400.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgpl400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgdw400.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgdw400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgmd400.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/jgmd400.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qc.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qc.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qcx.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_qcx.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_32.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir50_32.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir32_32.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir32_32.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/InsDrvZD.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/InsDrvZD.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir41_qcx.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ir41_qcx.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/INKED.DLL Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/INKED.DLL 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/imapi2fs.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/imapi2fs.dll 11/19/12 7:25 PM Untreated: 
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ijl15.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ijl15.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieui.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieui.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieudinit.exe Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieudinit.exe 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieapfltr.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ieapfltr.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/idndl.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/idndl.dll 11/19/12 7:25 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/hypertrm.dll Postponed 11/19/12 7:25 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/hypertrm.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_vfw.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_vfw.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_mpeg2enc.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ff_mpeg2enc.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/drmupgds.exe Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/drmupgds.exe 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpv11.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpv11.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpl100.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/dpl100.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx11.dll Postponed 11/19/12 7:24 PM Detected: 
Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx11.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx0a.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx0a.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx16.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/divx_xx16.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/devil.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/devil.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/COMNCTR.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/COMNCTR.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNMLM7W.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNMLM7W.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCLSI20.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCLSI20.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCI6500.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCI6500.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cncilsc.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cncilsc.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cliconfg.exe Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cliconfg.exe 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCC6500.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/CNCC6500.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cdintf250.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/cdintf250.dll 11/19/12 7:24 PM 
Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/audiodev.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/audiodev.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atl71.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atl71.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atipdlxx.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/atipdlxx.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ativcoxx.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ativcoxx.dll 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ATIDDC.DLL Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ATIDDC.DLL 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2sgag.exe Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2sgag.exe 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.exe Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.exe 11/19/12 7:24 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.dll Postponed 11/19/12 7:24 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2evxx.dll 11/19/12 7:23 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2edxx.dll Postponed 11/19/12 7:23 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/ati2edxx.dll 11/19/12 7:23 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/agrsmdel.exe Postponed 11/19/12 7:23 PM Untreated: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/advpack(3).dll Postponed 11/19/12 7:23 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/advpack(3).dll 11/19/12 7:23 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/agrsmdel.exe 11/19/12 7:08 PM Processing error C:/System Volume 
Information/_restore{E6C92DD5-2293-4E7E-A87E-7776BBF2347F}(2)/RP117(2)/A0085898.ini Read error 11/19/12 6:57 PM Processing error C:/System Volume Information/_restore{E6C92DD5-2293-4E7E-A87E-7776BBF2347F}/RP14/A0023848.ini Read error 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact 
Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Untreated: 
Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/10.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/10.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/C.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/1.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/1.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:18 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/C.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:06 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Application Data/msconfig.ini/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 5:06 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and 
Settings/Rob/Application Data/msconfig.ini/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 5:02 PM Untreated: Rootkit.Boot.Xpaj.a /dev/sda Postponed 11/19/12 5:02 PM Detected: Rootkit.Boot.Xpaj.a /dev/sda 11/19/12 5:01 PM Task started Objects Scan: malfunction (events: 39, objects: 0, time: Unknown) 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/D.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/B.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/9.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/8.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/6.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and 
Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/5.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/4.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/3.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/15.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/14.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local 
Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/12.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/13.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/10.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/10.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/1.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/C.tmp/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/C.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:54 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Local Settings/temp/1.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:43 PM Untreated: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Application 
Data/msconfig.ini/PE_Patch.PECompact/PecBundle/PECompact Postponed 11/19/12 11:43 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/Documents and Settings/Rob/Application Data/msconfig.ini/PE_Patch.PECompact/PecBundle/PECompact 11/19/12 11:37 PM Untreated: Rootkit.Boot.Xpaj.a /dev/sda Postponed 11/19/12 11:37 PM Detected: Rootkit.Boot.Xpaj.a /dev/sda 11/19/12 11:35 PM Task started Objects Scan: completed 5 days ago (events: 724, objects: 666685, time: 02:53:37) 11/20/12 1:24 PM Task completed 11/20/12 1:24 PM Disinfected: Rootkit.Boot.Xpaj.a /dev/sda 11/20/12 1:24 PM Disinfected: Rootkit.Boot.Xpaj.a /dev/sda 11/20/12 1:20 PM Detected: Rootkit.Boot.Xpaj.a /dev/sda 11/20/12 1:20 PM Deleted: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/C.tmp 11/20/12 1:20 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/C.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 1:20 PM Deleted: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/2.tmp 11/20/12 1:20 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/2.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 1:20 PM Deleted: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/11.tmp 11/20/12 1:19 PM Detected: Trojan-Dropper.Win32.Dapato.bxdl C:/WINDOWS/temp/11.tmp/PE_Patch.PECompact/PecBundle/PECompact 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xvidvfw.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xvidvfw.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xvidvfw.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xpssvcs.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xpssvcs.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xpssvcs.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xpsshhdr.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xpsshhdr.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc 
C:/WINDOWS/system32/xpsshhdr.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xmlparse.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xmlparse.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/xmlparse.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdtrace.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdtrace.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdtrace.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdshextautoplay.exe 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdshextautoplay.exe 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdshextautoplay.exe 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpus.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpus.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpus.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpdr.dll 11/20/12 1:19 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpdr.dll 11/20/12 1:19 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtpdr.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtp.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtp.dll 11/20/12 1:18 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdmtp.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdconns.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdconns.dll 11/20/12 1:18 PM Detected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wpdconns.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wmpns.dll 11/20/12 1:18 PM Disinfected: Virus.Win32.Xpaj.genc C:/WINDOWS/system32/wmpns.dll 11/20/12 1:18 PM 
Continued in next post. Other log to follow. Post was too long.
  9. Hey DK, Wasn't home for Thanksgiving. Ran CF in Safe mode. For the first time, it showed that I was infected with ZeroAccess. It then rebooted my computer and ran its scan. I still have the same problem with FreeCell. Here is the log:
  10. DK, You are correct sir. The FBI BS is no longer an issue. Here is the latest CF Log:
2004-08-04 10:00 105984 ----a-w- c:\windows\system32\jgaw400.dll 2012-11-20 13:16 . 2004-08-04 10:00 245248 ----a-w- c:\windows\system32\ir50_qcx.dll 2012-11-20 13:16 . 2004-08-04 10:00 261632 ----a-w- c:\windows\system32\ir50_qc.dll 2012-11-20 13:16 . 2004-08-04 10:00 849408 ----a-w- c:\windows\system32\ir50_32.dll 2012-11-20 13:16 . 2004-08-04 10:00 403968 ----a-w- c:\windows\system32\ir41_qcx.dll 2012-11-20 13:16 . 2004-08-04 10:00 260608 ----a-w- c:\windows\system32\ir32_32.dll 2012-11-20 13:16 . 2010-04-18 02:26 527360 ----a-w- c:\windows\system32\imapi2fs.dll 2012-11-20 13:15 . 2001-05-30 07:00 409600 ----a-w- c:\windows\system32\ijl15.dll 2012-11-20 13:15 . 2006-06-29 16:05 87552 ----a-w- c:\windows\system32\idndl.dll 2012-11-20 13:15 . 2007-11-28 02:59 408576 ----a-w- c:\windows\system32\hypertrm.dll 2012-11-20 13:15 . 2008-12-17 17:22 122880 ----a-w- c:\windows\system32\ff_vfw.dll 2012-11-20 13:15 . 2004-10-03 17:50 190464 ----a-w- c:\windows\system32\ff_mpeg2enc.dll 2012-11-20 13:15 . 2006-10-19 04:00 311296 ----a-w- c:\windows\system32\drmupgds.exe 2012-11-20 13:15 . 2008-12-09 02:28 114688 ----a-w- c:\windows\system32\dpv11.dll 2012-11-20 13:15 . 2011-10-20 23:26 151552 ----a-w- c:\windows\system32\dpl100.dll 2012-11-20 13:15 . 2010-02-19 19:27 905216 ----a-w- c:\windows\system32\divx_xx16.dll 2012-11-20 13:15 . 2010-02-19 19:27 901120 ----a-w- c:\windows\system32\divx_xx11.dll 2012-11-20 13:15 . 2010-02-19 19:27 909312 ----a-w- c:\windows\system32\divx_xx0a.dll 2012-11-20 13:14 . 2004-05-26 12:37 781312 ----a-w- c:\windows\system32\devil.dll 2012-11-20 13:14 . 2008-10-01 21:21 110592 ----a-w- c:\windows\system32\cncilsc.dll 2012-11-20 13:14 . 2004-08-04 10:00 77824 ----a-w- c:\windows\system32\cliconfg.exe 2012-11-20 13:14 . 2008-06-12 18:50 2007040 ----a-w- c:\windows\system32\cdintf250.dll 2012-11-20 13:14 . 2006-10-19 05:47 342528 ----a-w- c:\windows\system32\audiodev.dll 2012-11-20 13:14 . 
2003-03-19 05:05 150528 ----a-w- c:\windows\system32\atl71.dll 2012-11-20 13:14 . 2007-11-28 03:42 85504 ----a-w- c:\windows\system32\ativcoxx.dll 2012-11-20 13:14 . 2007-11-28 03:42 172032 ----a-w- c:\windows\system32\atipdlxx.dll 2012-11-20 13:14 . 2007-11-28 03:44 581632 ----a-w- c:\windows\system32\ati2sgag.exe 2012-11-20 13:14 . 2007-11-28 03:42 458752 ----a-w- c:\windows\system32\ati2evxx.exe 2012-11-20 13:14 . 2007-11-28 03:42 111616 ----a-w- c:\windows\system32\ati2evxx.dll 2012-11-20 13:14 . 2007-11-28 03:42 101376 ----a-w- c:\windows\system32\ati2edxx.dll 2012-11-20 13:14 . 2007-11-28 03:44 126464 ----a-w- c:\windows\system32\agrsmdel.exe 2012-11-20 13:14 . 2004-08-04 10:00 239616 ----a-w- c:\windows\system32\advpack(3).dll 2012-11-20 13:13 . 2007-11-28 05:07 81920 ----a-w- c:\windows\system32\ZyDelReg.exe 2012-11-20 13:13 . 2007-11-28 05:07 143360 ----a-w- c:\windows\system32\ZDPN50.dll 2012-11-20 13:13 . 2007-11-28 05:07 143360 ----a-w- c:\windows\system32\ZDBRGDLL.dll 2012-11-20 13:13 . 2006-09-29 02:56 235008 ----a-w- c:\windows\system32\WudfPlatform.dll 2012-11-20 13:13 . 2006-09-29 02:56 211968 ----a-w- c:\windows\system32\WudfHost.exe 2012-11-20 13:13 . 2006-10-19 05:47 2664448 ----a-w- c:\windows\system32\WpdShext.dll 2012-11-20 13:13 . 2006-09-29 02:56 377856 ----a-w- c:\windows\system32\WUDFx.dll 2012-11-20 13:13 . 2006-10-19 05:47 199168 ----a-w- c:\windows\system32\WPDShServiceObj.dll 2012-11-20 13:13 . 2006-10-19 05:47 722432 ----a-w- c:\windows\system32\WMVXENCD.dll 2012-11-20 13:13 . 2006-10-19 05:47 1448448 ----a-w- c:\windows\system32\WMVSDECD.dll 2012-11-20 13:12 . 2006-10-19 05:47 1640448 ----a-w- c:\windows\system32\WMVENCOD.dll 2012-11-20 13:12 . 2002-08-21 13:13 255488 ----a-w- c:\windows\system32\WISPTIS.EXE 2012-11-20 13:12 . 2008-11-29 20:26 1073152 ----a-w- c:\windows\system32\VSFilter.dll 2012-11-20 13:12 . 1999-11-25 01:40 131072 ----a-w- c:\windows\system32\VBAME.DLL 2012-11-20 13:12 . 
2004-09-16 09:00 143360 ----a-w- c:\windows\system32\UMLoader.dll 2012-11-20 13:12 . 2000-04-04 01:52 208896 ----a-w- c:\windows\system32\RDOCURS.DLL 2012-11-20 13:12 . 2003-01-05 05:09 188416 ----a-w- c:\windows\system32\Prounstl.exe 2012-11-20 13:12 . 2006-10-19 05:47 197632 ----a-w- c:\windows\system32\PortableDeviceWiaCompat.dll 2012-11-20 13:12 . 2006-10-19 05:47 260608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll 2012-11-20 13:12 . 2006-10-19 05:47 167424 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DownloadAccelerator"="c:\program files\STUFF\Download Accelerator Plus\DAP.EXE" [2012-08-15 2815488] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StacSysTray"="c:\program files\SigmaTel\C-Major Audio\ControlPanel\StacSysTray.exe" [2004-04-29 102400] "Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-05 856064] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768] "Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "RIMBBLaunchAgent.exe"="c:\program files\Common 
Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-19 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Rob^Start Menu^Programs^Startup^MagicDisc.lnk] path=c:\documents and settings\Rob\Start Menu\Programs\Startup\MagicDisc.lnk backup=c:\windows\pss\MagicDisc.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Version Cue CS2] 2005-04-05 02:58 856064 ----a-w- c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA] 2005-09-08 13:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM] 2007-03-29 22:41 222128 ----a-w- c:\documents and settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility] 2003-12-17 16:50 19968 ------w- c:\windows\LOGI_MWX.EXE . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . 
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6/27/2010 8:09 PM 136360] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4/17/2010 3:47 PM 47360] S2 SigService;Sigmatel Service;c:\program files\SigmaTel\C-Major Audio\ControlPanel\sigservice.exe --> c:\program files\SigmaTel\C-Major Audio\ControlPanel\sigservice.exe [?] S3 MR97310_VGA_DUAL_CAMERA;VGA Dual-Mode Camera;c:\windows\system32\drivers\mr97310v.sys [3/30/2004 10:29 AM 118106] S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 12:37 PM 517096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper . Contents of the 'Scheduled Tasks' folder . 2012-11-21 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAEXEC.exe [2009-08-03 23:07] . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = *.local IE: &Clean Traces - c:\program files\STUFF\Download Accelerator Plus\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\STUFF\Download Accelerator Plus\dapextie.htm IE: Download &all with DAP - c:\program files\STUFF\Download Accelerator Plus\dapextie2.htm IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm TCP: DhcpNameServer = 192.168.0.1 DPF: Web-Based Email Tools - hxxps://email.secureserver.net/Download.CAB . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-11-21 15:21 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . 
--------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1644491937-562591055-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:c0,e0,d6,b4,b9,a1,21,c7,f5,b5,bc,c5,9c,55,e8,60,9d,3f,ce,d0,10,24,71, 30,0a,f7,e7,0c,f5,a5,a1,d0,da,3d,75,c8,97,9d,91,8a,77,88,6e,b4,6a,66,9c,b3,\ "??"=hex:59,52,4d,96,40,27,6e,8f,7c,35,3d,81,cd,0f,89,4c . [HKEY_USERS\S-1-5-21-1644491937-562591055-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:c2,1e,91,d7,9c,ef,c0,ad,7f,a9,be,b9,ef,ec,85,23,86,18,f1,f2,41, 6c,29,51,55,a2,cd,23,74,8d,c0,a9,68,0c,02,cf,15,85,69,26,eb,9d,4f,2c,a3,09,\ "rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(908) c:\windows\system32\Ati2evxx.dll . 
Completion time: 2012-11-21 15:24:40 ComboFix-quarantined-files.txt 2012-11-21 23:24 ComboFix2.txt 2012-11-18 04:36 ComboFix3.txt 2012-11-16 08:32 ComboFix4.txt 2012-11-16 06:43 ComboFix5.txt 2012-11-21 23:05 . Pre-Run: 10,918,899,712 bytes free Post-Run: 10,927,824,896 bytes free . - - End Of File - - 31DB3C19452EE73E803B2775B077C86F
  11. DK, FINALLY, I successfully ran Kaspersky Rescue Disk. I followed the 'Recommended' actions for the viruses/trojans found. I then saved the detailed report in 'Computer' and also in the default location, 'root'. However, after rebooting successfully without the FBI crap, I cannot locate the report. I did a search for it including Hidden files/folders, but it is nowhere to be found. I do have a c:\Kaspersky Rescue Disk folder but the 'report' folder shows files with the .rpt extension. Awaiting further instructions. Thx, -Scott
  12. DK, Something happened when trying to DELETE the viruses it found after I plugged in my USB flash drive to DL the report. I had forgotten that I had put the Kaspersky Rescue ISO on it so everything closed. I am running a new Rescue Disk but it says it will take 2 hrs to complete so I will have to get the report to you tomorrow. Thx.
  13. DK, Thx for the answers. It took me so long to get back to you as the first disk worked, then froze, then worked, then froze, etc. I finally burned a second disk that seems to have worked properly. Now, should I DELETE or SKIP the results found by the Kaspersky Rescue Disk? -Scott
  14. DK, I am burning the ISO per your instructions. Do you want me to post the report? BTW, do you think I got the FBI Ransom one because my Malwarebytes and Avira don't open initially on startup as FreeCell opens instead of them? Just a thought. Also, I plan on buying the full version of Malwarebytes once my computer is clean. Would the full version have protected me against both of these attacks? - Scott