Jump to content

Please help me too


Recommended Posts

Malwarebytes' Anti-Malware 1.31

Database version: 1460

Windows 5.1.2600 Service Pack 2

4.12.2008 23:51:36

mbam-log-2008-12-04 (23-51-36).txt

Scan type: Quick Scan

Objects scanned: 69366

Time elapsed: 29 minute(s), 53 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 6

Registry Keys Infected: 17

Registry Values Infected: 3

Registry Data Items Infected: 2

Folders Infected: 1

Files Infected: 82

Memory Processes Infected:

C:\WINDOWS\system32\svrhost.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:

C:\WINDOWS\system32\iifebXPf.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\ilkdrcod.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\mkplia.dll (Trojan.Vundo) -> Delete on reboot.

C:\WINDOWS\system32\khfgggHx.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\ertdqp.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\caouwsaq.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0734956c-d646-4406-a02e-2f5c3c88d3a3} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{0734956c-d646-4406-a02e-2f5c3c88d3a3} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6af617d-b2d5-40e0-af13-be9e9458f3c8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{b6af617d-b2d5-40e0-af13-be9e9458f3c8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e0da6733-5c9a-46bc-ba1f-7f4998a173d5} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfggghx (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{e0da6733-5c9a-46bc-ba1f-7f4998a173d5} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_CLASSES_ROOT\CLSID\{85d2e299-e4ea-4080-911c-3ebe97c6068c} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8eeb2711-9d21-4f9c-99a1-b7fc5a8ca56a} (Adware.DrFlex) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e0da6733-5c9a-46bc-ba1f-7f4998a173d5} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b6af617d-b2d5-40e0-af13-be9e9458f3c8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0734956c-d646-4406-a02e-2f5c3c88d3a3} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e0da6733-5c9a-46bc-ba1f-7f4998a173d5} (Trojan.Vundo.H) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Sound (Backdoor.Bot) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Microsoft Windows Sound (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\iifebxpf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\iifebxpf -> Delete on reboot.

Folders Infected:

C:\Program Files\QdrDrive (Adware.AdBand) -> Quarantined and deleted successfully.

Files Infected:

C:\WINDOWS\system32\iifebXPf.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\fPXbefii.ini (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\fPXbefii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ertdqp.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\khfgggHx.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\dpphtuat.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tauthppd.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ilkdrcod.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\docrdkli.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kkhbecjk.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kjcebhkk.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rciwlcpu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\upclwicr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tibhrekv.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vkerhbit.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\youbrqob.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\boqrbuoy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mkplia.dll (Trojan.Vundo) -> Delete on reboot.

C:\WINDOWS\vntb9283.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\audfjxrk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\chzvkk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fbmjug.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gbkfhlid.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\goxfylau.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kdsggauq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kjgkffiy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mbndcyyj.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mcktuwam.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\pfqpan.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\pkkoufnj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rwiwkfyw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\rxryhl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\stlqbj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tdpnncyt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\tivuithd.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\urqRIXrO.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wkhbnomd.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\bfxiuleo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\cusqhhga.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ebjsqw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\eqsqsdtp.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\gymqgndo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hjnlleql.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hkwwxusu.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lnxnhudv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mmleagfw.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jhyqiv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hxycqpxy.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mtcnplhw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\adbbue.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\aduqpj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\usdemy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\bovixiyn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\caouwsaq.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\wvpdvlrs.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\xxesngdk.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\yqfuambi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\yvjmkilb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ywsxaj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\fkbhwkvs.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kqcytutn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vicmvxfc.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\voaseubm.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vpheyo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vphtrk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vrojmeku.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\qweymr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ttkwxnry.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\xcrmhdxo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\xggevhye.exe (Trojan.LowZones) -> Quarantined and deleted successfully.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\ABANG7MH\zc113432[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\GXQJCDI3\zc113432[1] (Trojan.Vundo.H) -> Delete on reboot.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\K5UZW12N\index[1] (Trojan.Vundo.H) -> Delete on reboot.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\zc113432[1] (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\zc113432[2] (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\W123KTEN\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Program Files\QdrDrive\QdrDrive20.dll (Adware.AdBand) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\svrhost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\Fonts\Setup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-05 06:59:59

PROTECTIONS: 0

MALWARE: 54

SUSPECTS: 2

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mairo\Cookies\mairo@tribalfusion[2].txt

00250251 Adware/ISearch Adware No 0 No No C:\Temp\dviS630.exe[ADI5MDi2.exe]

00250251 Adware/ISearch Adware No 0 Yes No C:\WINDOWS\system32\ws2\ADI5MDi2.exe

00424835 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP85\A0014581.dll

00424835 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP85\A0014582.dll

00425903 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP112\A0021685.dll

00425903 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP112\A0021684.dll

00436462 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\fgxrpw.dll

00436462 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\cdmnhkqh.dll

00437833 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\pwrmqs.dll

00437833 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ntoeqeiq.dll

00441593 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\wfywmp.dll

00441593 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\hcsksbwu.dll

00444270 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP81\A0014342.exe

00445260 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\nfcxkuny.dll

00445262 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\mgmnif.dll

00445262 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ljebfccf.dll

00445265 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\cbsmtqra.dll

00445265 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\zyvvwm.dll

00455152 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\aovrqhad.dll

00455152 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\rgotzu.dll

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\freescan[1].htm

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\GTCPQBST\freescan[1].htm

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\XRRJHPSE\freescan[1].htm

00458531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jtkjwr.dll

00458531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jprwagfk.dll

00462618 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jcbpwmqg.dll

00462618 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\srsbxv.dll

00463758 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP108\A0021418.dll

00463789 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\kosnoiok.dll

00463789 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\gqomfa.dll

00463801 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\mbfgcqro.dll

00463801 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\dgqaqp.dll

00466345 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP118\A0023331.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\aropyu.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tuulbg.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\gqpsrlod.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\rpuvkgih.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\xposaisu.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\bxgthv.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\index[2]

01143512 W32/Sdbot.KQE.worm Virus/Trojan No 1 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Mixmeister 7 PRO CRACKED.rar[Mixmeister 7 PRO CRACKED\mmp7_full\mmp7_full.exe][Mixmeister 7 PRO CRACKED\mmp7_full\mmp7_full.exe][lmonit.exe]

02551250 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP33\A0006873.exe

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP81\A0014362.exe

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\WINDOWS\Fonts\a.zip[setup.exe]

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP79\A0014249.exe

03738695 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe[C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe][keymaker.exe]

03783152 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\EV02\EV022328.exe

03898905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Mairo\My Documents\Downloads\Everest Ultimate Edition 4 + Key [App][www.zonatorrent.com]\keygen.exe

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\kchytphc.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP90\A0017961.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\jqckuqvy.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\elsqljfe.dll

03971228 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ofdbocow.dll

03971228 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\flcaiy.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tfxswbsw.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\swwntimq.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\xqyivd.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\wzqaqz.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\sfbdjahd.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\fygaevtq.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ncwurb.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\uuayib.dll

03992253 Generic Malware Virus/Trojan No 0 No No C:\WINDOWS\system32\ixi\GLB4X24.exe[■%%\

Link to post
Share on other sites

I reboot my computer.Computer was faster than earlier and internet too,but there are still something that slowers my computer.maybe it is because of MBAM,it is running.And Antivirus 2009 don t shows up.

Here are new logs

Malwarebytes' Anti-Malware 1.31

Database version: 1463

Windows 5.1.2600 Service Pack 2

5.12.2008 19:12:22

mbam-log-2008-12-05 (19-12-22).txt

Scan type: Quick Scan

Objects scanned: 69450

Time elapsed: 25 minute(s), 18 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-05 22:31:18

PROTECTIONS: 0

MALWARE: 57

SUSPECTS: 2

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mairo\Cookies\mairo@doubleclick[1].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mairo\Cookies\mairo@tribalfusion[2].txt

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mairo\Cookies\mairo@zedo[1].txt

00250251 Adware/ISearch Adware No 0 No No C:\Temp\dviS630.exe[ADI5MDi2.exe]

00250251 Adware/ISearch Adware No 0 Yes No C:\WINDOWS\system32\ws2\ADI5MDi2.exe

00424835 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP85\A0014582.dll

00424835 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP85\A0014581.dll

00425903 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP112\A0021684.dll

00425903 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP112\A0021685.dll

00436462 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\fgxrpw.dll

00436462 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\cdmnhkqh.dll

00437833 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\pwrmqs.dll

00437833 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ntoeqeiq.dll

00441593 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\wfywmp.dll

00441593 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\hcsksbwu.dll

00444270 Adware/InternetSpeedMonitor Adware No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP81\A0014342.exe

00445260 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\nfcxkuny.dll

00445262 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\mgmnif.dll

00445262 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ljebfccf.dll

00445265 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\zyvvwm.dll

00445265 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\cbsmtqra.dll

00455152 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\aovrqhad.dll

00455152 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\rgotzu.dll

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\GTCPQBST\freescan[1].htm

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\freescan[1].htm

00456116 Adware/Antivirus2009 Adware No 0 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\G9SBG7SN\freescan[1].htm

00458531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jtkjwr.dll

00458531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jprwagfk.dll

00462618 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jcbpwmqg.dll

00462618 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\srsbxv.dll

00463758 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP108\A0021418.dll

00463789 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\gqomfa.dll

00463789 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\kosnoiok.dll

00463801 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\mbfgcqro.dll

00463801 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\dgqaqp.dll

00466345 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP118\A0023331.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\gqpsrlod.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tuulbg.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\aropyu.dll

00470130 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\rpuvkgih.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\xposaisu.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\bxgthv.dll

00470141 Spyware/Virtumonde Spyware No 1 Yes No C:\Documents and Settings\Mairo\Local Settings\Temporary Internet Files\Content.IE5\MFCDHGYO\index[2]

01143512 W32/Sdbot.KQE.worm Virus/Trojan No 1 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Mixmeister 7 PRO CRACKED.rar[Mixmeister 7 PRO CRACKED\mmp7_full\mmp7_full.exe][Mixmeister 7 PRO CRACKED\mmp7_full\mmp7_full.exe][lmonit.exe]

02551250 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP33\A0006873.exe

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\WINDOWS\Fonts\a.zip[setup.exe]

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP79\A0014249.exe

02906063 Bck/VB.ABN Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP81\A0014362.exe

03738695 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe[C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe][keymaker.exe]

03783152 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\EV02\EV022328.exe

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP121\A0023752.sys

03898905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Mairo\My Documents\Downloads\Everest Ultimate Edition 4 + Key [App][www.zonatorrent.com]\keygen.exe

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\jqckuqvy.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{4123D32E-3D3A-4F31-BBF4-9A4A94EC0D63}\RP90\A0017961.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\kchytphc.dll

03952073 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\system32\elsqljfe.dll

03971228 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\flcaiy.dll

03971228 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ofdbocow.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ncwurb.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\tfxswbsw.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\uuayib.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\wzqaqz.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\xqyivd.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\swwntimq.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\sfbdjahd.dll

03971950 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\fygaevtq.dll

03992253 Generic Malware Virus/Trojan No 0 No No C:\WINDOWS\system32\ixi\GLB4X24.exe[■%%\

Link to post
Share on other sites

Close all Windows, Start Hijackthis, hit scan, select all of the following:

O2 - BHO: (no name) - {0171AD11-16D3-4102-901F-4927931F20F6} - (no file)

O2 - BHO: (no name) - {0369814d-af86-4f81-bac5-cf050f42cdfa} - (no file)

O2 - BHO: (no name) - {08408E1E-E7C8-40C0-91F8-5AD01930193E} - (no file)

O2 - BHO: (no name) - {0f5cf180-6be9-4864-9f4b-68a1cf845a7f} - (no file)

O2 - BHO: (no name) - {13FF0F2D-2B48-4C9C-8E0C-FF462806E0B1} - (no file)

O2 - BHO: (no name) - {197D71AB-3F0A-407F-B59C-65E3995DD4E8} - (no file)

O2 - BHO: (no name) - {34bfbd0f-d47a-4aa1-9bb0-ca6a5c304171} - (no file)

O2 - BHO: (no name) - {359B242D-7E19-448E-8392-EAB4DE312F68} - (no file)

O2 - BHO: (no name) - {51753D7F-8508-4C38-8B45-6EEEE7110237} - (no file)

O2 - BHO: (no name) - {5319C503-25CA-47B7-AC7B-694524FB792D} - (no file)

O2 - BHO: (no name) - {55871D9C-A8E8-4775-9085-64D0461CE4A6} - (no file)

O2 - BHO: (no name) - {5CC35DB1-E0DB-4F5A-B99F-685C6824BB65} - (no file)

O2 - BHO: (no name) - {61F16A3C-0626-43EB-A89F-DF64C9F6596E} - (no file)

O2 - BHO: (no name) - {640007A0-4CA1-484F-BA31-92B27F95B99A} - (no file)

O2 - BHO: (no name) - {69CBFAC9-7072-459D-9501-06DC64D9EE32} - (no file)

O2 - BHO: (no name) - {6a589ab0-9856-4449-82b4-b6002dca28c2} - (no file)

O2 - BHO: (no name) - {6f811f3e-3da3-4ab4-872c-40f03c0559fc} - (no file)

O2 - BHO: (no name) - {6f9279c6-243c-496b-a3c3-9f488e1204df} - (no file)

O2 - BHO: (no name) - {7026F999-CD95-4FB9-91EE-63AA4DBC1E94} - (no file)

O2 - BHO: (no name) - {71BF38E2-DA7D-4FB3-8410-ACA9439F4420} - (no file)

O2 - BHO: (no name) - {790A5C8D-4BAC-4ADA-AE62-82FFB088E840} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {90F55858-8F16-4EBE-A531-2243ECD30887} - (no file)

O2 - BHO: (no name) - {91b6fd44-2b32-4545-ad9f-32af7c9c7f79} - (no file)

O2 - BHO: (no name) - {925186AA-4B27-4FC5-80BB-E6E2B53DA8EE} - (no file)

O2 - BHO: (no name) - {94AE6054-F29E-436F-8E23-E3AFCC2F9291} - (no file)

O2 - BHO: (no name) - {98ecd32d-3b36-40cf-88d0-a45b3adefd91} - (no file)

O2 - BHO: (no name) - {9B23DA1E-F3ED-4B6C-9918-5F25A66B0C59} - (no file)

O2 - BHO: (no name) - {a52c2cb3-bed9-47e8-b375-db4a5e6d7259} - (no file)

O2 - BHO: (no name) - {AB3B5B6F-686A-49A7-B4C0-1E2A8DDBA199} - (no file)

O2 - BHO: (no name) - {b0d153fc-ef88-4d52-a565-52657c7fee65} - (no file)

O2 - BHO: (no name) - {B4377F1E-331A-43FF-8C7B-AA51A84EFEDF} - (no file)

O2 - BHO: (no name) - {ba736c83-b39b-4003-863e-094435f2be9d} - (no file)

O2 - BHO: (no name) - {c0c3ddf2-89bc-4325-ade0-9c7b7f787ff1} - (no file)

O2 - BHO: (no name) - {C23382C0-778C-4A4C-BEC2-01613A48B8FA} - (no file)

O2 - BHO: (no name) - {C460D0C2-694F-4C7E-8AF0-77459D2F9F97} - (no file)

O2 - BHO: (no name) - {C95BDDA7-1E87-4614-8DCE-B259901D4797} - (no file)

O2 - BHO: (no name) - {d60a1c5f-5511-4b87-b925-f3cec9c64fc1} - (no file)

O2 - BHO: (no name) - {D9A19603-24B1-4A1E-A4E9-C511E257291F} - (no file)

O2 - BHO: (no name) - {db45b961-4b9a-47a7-a683-ee4e0dc67761} - (no file)

O2 - BHO: (no name) - {DE629C70-2764-4B04-A9C6-AF244AC88648} - (no file)

O2 - BHO: (no name) - {E0D3765C-8A45-481E-9496-556FA3EDD22F} - (no file)

O2 - BHO: (no name) - {E1DE9AAD-02C0-4675-8DDB-D1C956852EF9} - (no file)

O2 - BHO: (no name) - {EA9AF85F-19F5-47E8-903F-D3449C874361} - (no file)

O2 - BHO: (no name) - {eb0423df-a077-4bc6-bc9b-ead332e5876a} - (no file)

O2 - BHO: (no name) - {EFB80086-3DBA-44FE-BA3B-1616A372CE61} - (no file)

O2 - BHO: (no name) - {f7e0e279-f746-416e-bdf0-8f8a1b3668bd} - (no file)

O2 - BHO: (no name) - {F7FA885E-BEA5-4A8C-B275-B3C457490252} - (no file)

O2 - BHO: (no name) - {facfbf7a-f0be-44e6-9ece-0d624f905422} - (no file)

O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

O16 - DPF: {096DCF31-53FA-4BA6-A729-D85D29FC0D70} (Detect Class) - https://installer.id.ee/IDInstaller.cab

O20 - AppInit_DLLs: mkplia.dll lqpzjx.dll ertdqp.dll

Hit Fix, restart your PC, post a fresh hijackthislog.

FYI, The reason you were affected in the first place is due to your piracy...:

03738695 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe[C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe][keymaker.exe]

It's really just not worth the risk of potential harm to your computer to save a little money. Obviously you find the programs of use, you should consider... oh, paying for them.

Link to post
Share on other sites

Hit Fix, restart your PC, post a fresh hijackthislog.

FYI, The reason you were affected in the first place is due to your piracy...:

03738695 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe[C:\Documents and Settings\Mairo\My Documents\Downloads\Nero 8 Ultra Edition 8.3.2.1b Multilanguage Full Version Including Keygen\keymaker.exe][keymaker.exe]

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:23:34, on 6.12.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/

O2 - BHO: (no name) - {0171AD11-16D3-4102-901F-4927931F20F6} - (no file)

O2 - BHO: (no name) - {0369814d-af86-4f81-bac5-cf050f42cdfa} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {08408E1E-E7C8-40C0-91F8-5AD01930193E} - (no file)

O2 - BHO: (no name) - {0f5cf180-6be9-4864-9f4b-68a1cf845a7f} - (no file)

O2 - BHO: (no name) - {13FF0F2D-2B48-4C9C-8E0C-FF462806E0B1} - (no file)

O2 - BHO: (no name) - {197D71AB-3F0A-407F-B59C-65E3995DD4E8} - (no file)

O2 - BHO: (no name) - {34bfbd0f-d47a-4aa1-9bb0-ca6a5c304171} - (no file)

O2 - BHO: (no name) - {359B242D-7E19-448E-8392-EAB4DE312F68} - (no file)

O2 - BHO: (no name) - {51753D7F-8508-4C38-8B45-6EEEE7110237} - (no file)

O2 - BHO: (no name) - {5319C503-25CA-47B7-AC7B-694524FB792D} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {55871D9C-A8E8-4775-9085-64D0461CE4A6} - (no file)

O2 - BHO: (no name) - {5CC35DB1-E0DB-4F5A-B99F-685C6824BB65} - (no file)

O2 - BHO: (no name) - {61F16A3C-0626-43EB-A89F-DF64C9F6596E} - (no file)

O2 - BHO: (no name) - {640007A0-4CA1-484F-BA31-92B27F95B99A} - (no file)

O2 - BHO: (no name) - {69CBFAC9-7072-459D-9501-06DC64D9EE32} - (no file)

O2 - BHO: (no name) - {6a589ab0-9856-4449-82b4-b6002dca28c2} - (no file)

O2 - BHO: (no name) - {6f811f3e-3da3-4ab4-872c-40f03c0559fc} - (no file)

O2 - BHO: (no name) - {6f9279c6-243c-496b-a3c3-9f488e1204df} - (no file)

O2 - BHO: (no name) - {7026F999-CD95-4FB9-91EE-63AA4DBC1E94} - (no file)

O2 - BHO: (no name) - {71BF38E2-DA7D-4FB3-8410-ACA9439F4420} - (no file)

O2 - BHO: (no name) - {790A5C8D-4BAC-4ADA-AE62-82FFB088E840} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {90F55858-8F16-4EBE-A531-2243ECD30887} - (no file)

O2 - BHO: (no name) - {91b6fd44-2b32-4545-ad9f-32af7c9c7f79} - (no file)

O2 - BHO: (no name) - {925186AA-4B27-4FC5-80BB-E6E2B53DA8EE} - (no file)

O2 - BHO: (no name) - {94AE6054-F29E-436F-8E23-E3AFCC2F9291} - (no file)

O2 - BHO: (no name) - {98ecd32d-3b36-40cf-88d0-a45b3adefd91} - (no file)

O2 - BHO: (no name) - {9B23DA1E-F3ED-4B6C-9918-5F25A66B0C59} - (no file)

O2 - BHO: (no name) - {a52c2cb3-bed9-47e8-b375-db4a5e6d7259} - (no file)

O2 - BHO: (no name) - {AB3B5B6F-686A-49A7-B4C0-1E2A8DDBA199} - (no file)

O2 - BHO: (no name) - {b0d153fc-ef88-4d52-a565-52657c7fee65} - (no file)

O2 - BHO: (no name) - {B4377F1E-331A-43FF-8C7B-AA51A84EFEDF} - (no file)

O2 - BHO: (no name) - {ba736c83-b39b-4003-863e-094435f2be9d} - (no file)

O2 - BHO: (no name) - {c0c3ddf2-89bc-4325-ade0-9c7b7f787ff1} - (no file)

O2 - BHO: (no name) - {C23382C0-778C-4A4C-BEC2-01613A48B8FA} - (no file)

O2 - BHO: (no name) - {C460D0C2-694F-4C7E-8AF0-77459D2F9F97} - (no file)

O2 - BHO: (no name) - {C95BDDA7-1E87-4614-8DCE-B259901D4797} - (no file)

O2 - BHO: (no name) - {d60a1c5f-5511-4b87-b925-f3cec9c64fc1} - (no file)

O2 - BHO: (no name) - {D9A19603-24B1-4A1E-A4E9-C511E257291F} - (no file)

O2 - BHO: (no name) - {db45b961-4b9a-47a7-a683-ee4e0dc67761} - (no file)

O2 - BHO: (no name) - {DE629C70-2764-4B04-A9C6-AF244AC88648} - (no file)

O2 - BHO: (no name) - {E0D3765C-8A45-481E-9496-556FA3EDD22F} - (no file)

O2 - BHO: (no name) - {E1DE9AAD-02C0-4675-8DDB-D1C956852EF9} - (no file)

O2 - BHO: (no name) - {EA9AF85F-19F5-47E8-903F-D3449C874361} - (no file)

O2 - BHO: (no name) - {eb0423df-a077-4bc6-bc9b-ead332e5876a} - (no file)

O2 - BHO: (no name) - {EFB80086-3DBA-44FE-BA3B-1616A372CE61} - (no file)

O2 - BHO: (no name) - {f7e0e279-f746-416e-bdf0-8f8a1b3668bd} - (no file)

O2 - BHO: (no name) - {F7FA885E-BEA5-4A8C-B275-B3C457490252} - (no file)

O2 - BHO: (no name) - {facfbf7a-f0be-44e6-9ece-0d624f905422} - (no file)

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [EstEID AIP switch] "C:\Program Files\IT Arendus\ID-kaart\aipswitch.exe" 1

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {096DCF31-53FA-4BA6-A729-D85D29FC0D70} (Detect Class) - https://installer.id.ee/IDInstaller.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab

O20 - AppInit_DLLs: mkplia.dll lqpzjx.dll ertdqp.dll

O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8898 bytes

Link to post
Share on other sites

Please download and run the Trend Micro Sysclean Package on your computer.

NOTE! This scan will probably take a long time to run on your computer so be patient and don't use it while it's scanning.

  • Trend Micro Damage Cleanup Engine


Make sure you read this document to understand how to use the program.

Basically there are 3 parts that need to be downloaded from these links:


  • As an example on 2008-10-17 the files to download are:
    sysclean.com
    |
    lpt605.zip
    |
    ssapiptn697.zip
  • NOTE!
    These file names are examples and you must visit Trend Micro for the very latest files which may have different names.

  • Create a brand new folder to copy these files to.

  • As an example:
    C:\DCE

  • Then open each of the zipped archive files and copy their contents to
    C:\DCE

  • Copy the file
    sysclean.com
    to the new folder
    C:\DCE
    as well.

  • Double-click on the file
    sysclean.com
    that is in the
    C:\DCE
    folder and follow the on-screen instructions.

    After doing all of this, please post back your results, including the log file
    sysclean.log
    that will be left behind by sysclean.

  • This self-extracting archive is a stand-alone fix package that incorporates the Trend Micro VSAPI Malware and Spyware scanning engines as well as the Trend Micro Damage Cleanup Engine and Template.

    This tool supports the following features:

    o Terminate all detected malware/spyware instances in memory

    o Remove malware/spyware registry entries

    o Remove malware/spyware entries from system files

    o Scan for and delete all detected malware/spyware copies in all local drives

http://windowshelp.microsoft.com/windows/en-us/help/7050d809-c761-43d4-aae7-587550cd341a1033.mspx' rel="external nofollow">
Link to post
Share on other sites

Damage Cleanup Engine (DCE) 6.0(Build 1064)

Windows XP(Build 2600: Service Pack 2)

Start time : P dets 07 2008 13:30:24

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Mairo\Desktop\New Folder\TMRDCT.ptn" (version ) [fail]

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Mairo\Desktop\New Folder\tsc.ptn" (version 994) [success]

Complete time : P dets 07 2008 13:30:44

Execute pattern count(3031), Virus found count(0), Virus clean count(0), Clean failed count(0)

Link to post
Share on other sites

/--------------------------------------------------------------\

| Trend Micro System Cleaner |

| Copyright 2006-2007, Trend Micro, Inc. |

| http://www.antivirus.com |

\--------------------------------------------------------------/

2008-12-08, 18:00:53, Auto-clean mode specified.

2008-12-08, 18:00:54, Initialized Rootkit Driver version 2.2.0.1004.

2008-12-08, 18:00:54, Running scanner "C:\New Folder\TSC.BIN"...

2008-12-08, 18:01:15, Scanner "C:\New Folder\TSC.BIN" has finished running.

2008-12-08, 18:01:15, TSC Log:

˙

Link to post
Share on other sites

How is the computer doing now?

computer is fine and log

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:31:58, on 10.12.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/

O2 - BHO: (no name) - {0171AD11-16D3-4102-901F-4927931F20F6} - (no file)

O2 - BHO: (no name) - {0369814d-af86-4f81-bac5-cf050f42cdfa} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {08408E1E-E7C8-40C0-91F8-5AD01930193E} - (no file)

O2 - BHO: (no name) - {0f5cf180-6be9-4864-9f4b-68a1cf845a7f} - (no file)

O2 - BHO: (no name) - {13FF0F2D-2B48-4C9C-8E0C-FF462806E0B1} - (no file)

O2 - BHO: (no name) - {197D71AB-3F0A-407F-B59C-65E3995DD4E8} - (no file)

O2 - BHO: (no name) - {34bfbd0f-d47a-4aa1-9bb0-ca6a5c304171} - (no file)

O2 - BHO: (no name) - {359B242D-7E19-448E-8392-EAB4DE312F68} - (no file)

O2 - BHO: (no name) - {51753D7F-8508-4C38-8B45-6EEEE7110237} - (no file)

O2 - BHO: (no name) - {5319C503-25CA-47B7-AC7B-694524FB792D} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {55871D9C-A8E8-4775-9085-64D0461CE4A6} - (no file)

O2 - BHO: (no name) - {5CC35DB1-E0DB-4F5A-B99F-685C6824BB65} - (no file)

O2 - BHO: (no name) - {61F16A3C-0626-43EB-A89F-DF64C9F6596E} - (no file)

O2 - BHO: (no name) - {640007A0-4CA1-484F-BA31-92B27F95B99A} - (no file)

O2 - BHO: (no name) - {69CBFAC9-7072-459D-9501-06DC64D9EE32} - (no file)

O2 - BHO: (no name) - {6a589ab0-9856-4449-82b4-b6002dca28c2} - (no file)

O2 - BHO: (no name) - {6f811f3e-3da3-4ab4-872c-40f03c0559fc} - (no file)

O2 - BHO: (no name) - {6f9279c6-243c-496b-a3c3-9f488e1204df} - (no file)

O2 - BHO: (no name) - {7026F999-CD95-4FB9-91EE-63AA4DBC1E94} - (no file)

O2 - BHO: (no name) - {71BF38E2-DA7D-4FB3-8410-ACA9439F4420} - (no file)

O2 - BHO: (no name) - {790A5C8D-4BAC-4ADA-AE62-82FFB088E840} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {90F55858-8F16-4EBE-A531-2243ECD30887} - (no file)

O2 - BHO: (no name) - {91b6fd44-2b32-4545-ad9f-32af7c9c7f79} - (no file)

O2 - BHO: (no name) - {925186AA-4B27-4FC5-80BB-E6E2B53DA8EE} - (no file)

O2 - BHO: (no name) - {94AE6054-F29E-436F-8E23-E3AFCC2F9291} - (no file)

O2 - BHO: (no name) - {98ecd32d-3b36-40cf-88d0-a45b3adefd91} - (no file)

O2 - BHO: (no name) - {9B23DA1E-F3ED-4B6C-9918-5F25A66B0C59} - (no file)

O2 - BHO: (no name) - {a52c2cb3-bed9-47e8-b375-db4a5e6d7259} - (no file)

O2 - BHO: (no name) - {AB3B5B6F-686A-49A7-B4C0-1E2A8DDBA199} - (no file)

O2 - BHO: (no name) - {b0d153fc-ef88-4d52-a565-52657c7fee65} - (no file)

O2 - BHO: (no name) - {B4377F1E-331A-43FF-8C7B-AA51A84EFEDF} - (no file)

O2 - BHO: (no name) - {ba736c83-b39b-4003-863e-094435f2be9d} - (no file)

O2 - BHO: (no name) - {c0c3ddf2-89bc-4325-ade0-9c7b7f787ff1} - (no file)

O2 - BHO: (no name) - {C23382C0-778C-4A4C-BEC2-01613A48B8FA} - (no file)

O2 - BHO: (no name) - {C460D0C2-694F-4C7E-8AF0-77459D2F9F97} - (no file)

O2 - BHO: (no name) - {C95BDDA7-1E87-4614-8DCE-B259901D4797} - (no file)

O2 - BHO: (no name) - {d60a1c5f-5511-4b87-b925-f3cec9c64fc1} - (no file)

O2 - BHO: (no name) - {D9A19603-24B1-4A1E-A4E9-C511E257291F} - (no file)

O2 - BHO: (no name) - {db45b961-4b9a-47a7-a683-ee4e0dc67761} - (no file)

O2 - BHO: (no name) - {DE629C70-2764-4B04-A9C6-AF244AC88648} - (no file)

O2 - BHO: (no name) - {E0D3765C-8A45-481E-9496-556FA3EDD22F} - (no file)

O2 - BHO: (no name) - {E1DE9AAD-02C0-4675-8DDB-D1C956852EF9} - (no file)

O2 - BHO: (no name) - {EA9AF85F-19F5-47E8-903F-D3449C874361} - (no file)

O2 - BHO: (no name) - {eb0423df-a077-4bc6-bc9b-ead332e5876a} - (no file)

O2 - BHO: (no name) - {EFB80086-3DBA-44FE-BA3B-1616A372CE61} - (no file)

O2 - BHO: (no name) - {f7e0e279-f746-416e-bdf0-8f8a1b3668bd} - (no file)

O2 - BHO: (no name) - {F7FA885E-BEA5-4A8C-B275-B3C457490252} - (no file)

O2 - BHO: (no name) - {facfbf7a-f0be-44e6-9ece-0d624f905422} - (no file)

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [EstEID AIP switch] "C:\Program Files\IT Arendus\ID-kaart\aipswitch.exe" 1

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

O9 - Extra button: UltimateBet - {10F055B8-F443-4adf-948A-EC551E9DBCE4} - C:\Documents and Settings\Mairo\Start Menu\Programs\UltimateBet\UltimateBet.lnk

O9 - Extra 'Tools' menuitem: UltimateBet - {10F055B8-F443-4adf-948A-EC551E9DBCE4} - C:\Documents and Settings\Mairo\Start Menu\Programs\UltimateBet\UltimateBet.lnk

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {096DCF31-53FA-4BA6-A729-D85D29FC0D70} (Detect Class) - https://installer.id.ee/IDInstaller.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab

O20 - AppInit_DLLs: mkplia.dll lqpzjx.dll ertdqp.dll

O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 8812 bytes

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.