#1
spyware & trojan!!! help!!
It's my first time here and I don't know what's wrong with my laptop!
I've been receiving a message saying "your windows is infected" and there's a red x circle on my taskbar corner!! Can anyone help?????? Also it won't allow me to run download program (so I can't run my kavs anti virus) does that mean I can't run HijackThis??? Help please!
Last edited by krytpo21; October 29th, 2008 at 07:17 PM.
#2
See this log!!!! Any help?
Logfile of random's system information tool 1.04 (written by random/random)
Run by Administrator at 2008-10-30 06:31:41 Microsoft Windows XP Professional Service Pack 2 System drive C: has 94 GB (82%) free of 114 GB Total RAM: 511 MB (64% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:32:02 AM, on 10/30/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS.0\System32\smss.exe C:\WINDOWS.0\system32\winlogon.exe C:\WINDOWS.0\system32\services.exe C:\WINDOWS.0\system32\lsass.exe C:\WINDOWS.0\system32\svchost.exe C:\WINDOWS.0\System32\svchost.exe C:\WINDOWS.0\Explorer.EXE C:\WINDOWS.0\system32\spoolsv.exe C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe C:\WINDOWS.0\system32\brastk.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS.0\system32\nvsvc32.exe C:\WINDOWS.0\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS.0\system32\wuauclt.exe C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Desktop\RSIT.exe C:\Program Files\trend micro\Administrator.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS.0\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [brastk] brastk.exe O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 
'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user') O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O20 - AppInit_DLLs: karna.dat O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - 
C:\WINDOWS.0\system32\nvsvc32.exe -- End of file - 3953 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "NvCplDaemon"=C:\WINDOWS.0\system32\NvCpl.dll [2004-04-15 4866048] "nwiz"=nwiz.exe /installquiet [] "SigmaTel StacMon"=C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe [2003-08-03 98361] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-04-25 201992] "brastk"=C:\WINDOWS.0\system32\brastk.exe [2008-10-30 34816] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "TaskSwitchXP"=C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe [2005-08-24 73216] "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2005-09-12 1654831] "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-20 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="karna.dat" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS.0\system32\klogon.dll [2008-04-25 206088] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System] "DisableCAD"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoSharedDocuments"=1 "NoInstrumentation"=1 "NoSMHelp"=1 "DisableCAD"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer] "ForceClassicControlPanel"= "MemCheckBoxInRunDlg"= "DisableCAD"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "\??\C:\WINDOWS.0\system32\winlogon.exe"="\??\C:\W 
INDOWS.0\system32\winlogon.exe:*:enabled:@shell32. dll,-1" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" |
#3
|
|||
|
|||
======File associations======
.bat - edit - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .cmd - edit - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .inf - open - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .ini - open - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .js - edit - C:\WINDOWS.0\system32\Notepad2.exe %1 .reg - edit - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .txt - open - C:\WINDOWS.0\system32\NOTEPAD2.EXE %1 .vbs - edit - C:\WINDOWS.0\system32\Notepad2.exe %1 ======List of files/folders created in the last 1 months====== 2008-10-30 06:31:42 ----D---- C:\Program Files\trend micro 2008-10-30 06:31:41 ----D---- C:\rsit 2008-10-30 01:47:14 ----D---- C:\Program Files\Kaspersky Lab 2008-10-30 01:47:14 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab 2008-10-30 01:46:21 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Kaspersky Lab Setup Files 2008-10-30 01:15:12 ----A---- C:\WINDOWS.0\ntbtlog.txt 2008-10-29 22:35:23 ----A---- C:\WINDOWS.0\brastk.exe 2008-10-29 22:34:14 ----A---- C:\WINDOWS.0\system32\delself.bat 2008-10-29 22:34:14 ----A---- C:\WINDOWS.0\system32\brastk.exe 2008-10-29 22:34:14 ----A---- C:\WINDOWS.0\system32\84.tmp 2008-10-29 22:33:59 ----A---- C:\WINDOWS.0\system32\82.tmp 2008-10-29 16:17:40 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Adobe 2008-10-29 16:08:26 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Macromedia 2008-10-29 16:03:20 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Identities 2008-10-29 15:42:03 ----D---- C:\WINDOWS.0\Sun 2008-10-29 15:42:03 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Sun 2008-10-29 06:22:13 ----A---- C:\WINDOWS.0\system32\h323log.txt 2008-10-29 06:19:49 ----A---- C:\WINDOWS.0\system32\usbui.dll 2008-10-29 06:17:54 ----SHD---- C:\WINDOWS.0\Installer 2008-10-29 06:17:54 ----A---- C:\WINDOWS.0\system32\PerfStringBackup.INI 2008-10-29 06:17:53 ----A---- 
C:\WINDOWS.0\ODBCINST.INI 2008-10-29 06:17:46 ----RA---- C:\WINDOWS.0\system32\kbdtuq.dll 2008-10-29 06:17:46 ----RA---- C:\WINDOWS.0\system32\kbdtuf.dll 2008-10-29 06:17:46 ----RA---- C:\WINDOWS.0\system32\kbdazel.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbduzb.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdur.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdtat.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdmon.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdkyr.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdkaz.dll 2008-10-29 06:17:43 ----RA---- C:\WINDOWS.0\system32\kbdaze.dll 2008-10-29 06:17:42 ----RA---- C:\WINDOWS.0\system32\kbdycc.dll 2008-10-29 06:17:42 ----RA---- C:\WINDOWS.0\system32\kbdru1.dll 2008-10-29 06:17:42 ----RA---- C:\WINDOWS.0\system32\kbdru.dll 2008-10-29 06:17:42 ----RA---- C:\WINDOWS.0\system32\kbdbu.dll 2008-10-29 06:17:42 ----RA---- C:\WINDOWS.0\system32\kbdblr.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhept.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhela3.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhela2.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhe319.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhe220.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdhe.dll 2008-10-29 06:17:40 ----RA---- C:\WINDOWS.0\system32\kbdgkl.dll 2008-10-29 06:17:38 ----RA---- C:\WINDOWS.0\system32\kbdlv1.dll 2008-10-29 06:17:38 ----RA---- C:\WINDOWS.0\system32\kbdlv.dll 2008-10-29 06:17:38 ----RA---- C:\WINDOWS.0\system32\kbdlt1.dll 2008-10-29 06:17:38 ----RA---- C:\WINDOWS.0\system32\kbdlt.dll 2008-10-29 06:17:38 ----RA---- C:\WINDOWS.0\system32\kbdest.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdycl.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdsl1.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdsl.dll 2008-10-29 06:17:35 ----RA---- 
C:\WINDOWS.0\system32\kbdro.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdpl1.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdpl.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdhu1.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdhu.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdcz2.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdcz1.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdcz.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\kbdcr.dll 2008-10-29 06:17:35 ----RA---- C:\WINDOWS.0\system32\KBDAL.DLL 2008-10-29 06:17:32 ----A---- C:\WINDOWS.0\system32\spxcoins.dll 2008-10-29 06:17:32 ----A---- C:\WINDOWS.0\system32\irclass.dll 2008-10-29 06:17:32 ----A---- C:\WINDOWS.0\system32\dgsetup.dll 2008-10-29 06:17:32 ----A---- C:\WINDOWS.0\system32\dgrpsetu.dll 2008-10-29 06:17:31 ----A---- C:\WINDOWS.0\system32\EqnClass.Dll 2008-10-29 06:17:29 ----N---- C:\WINDOWS.0\system32\CONFIG.TMP 2008-10-29 06:17:29 ----A---- C:\WINDOWS.0\TASKMAN.EXE 2008-10-29 06:17:28 ----A---- C:\WINDOWS.0\system32\batt.dll 2008-10-29 06:17:28 ----A---- C:\WINDOWS.0\NOTEPAD.EXE 2008-10-29 06:17:27 ----A---- C:\WINDOWS.0\system32\storprop.dll 2008-10-29 06:17:16 ----ASH---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\desktop.ini 2008-10-29 06:16:47 ----RA---- C:\WINDOWS.0\SET8.tmp 2008-10-29 06:16:44 ----RA---- C:\WINDOWS.0\SET4.tmp 2008-10-29 06:16:42 ----RA---- C:\WINDOWS.0\SET3.tmp 2008-10-29 06:16:37 ----D---- C:\WINDOWS.0\system32\CatRoot2 2008-10-29 06:16:37 ----D---- C:\WINDOWS.0\system32\CatRoot 2008-10-29 06:16:31 ----SD---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft 2008-10-29 06:10:13 ----RSHDC---- C:\WINDOWS.0\system32\dllcache 2008-10-29 06:10:13 ----RSD---- C:\WINDOWS.0\Fonts 2008-10-29 06:10:13 ----RD---- C:\WINDOWS.0\Web 2008-10-29 06:10:13 ----HD---- C:\WINDOWS.0\inf 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\WinSxS 2008-10-29 06:10:13 
----D---- C:\WINDOWS.0\twain_32 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Temp 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\wins 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\wbem 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\usmt 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\UPX 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\spool 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\ShellExt 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\Setup 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\ras 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\PreInstall 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\OpenExpert 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\oobe 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\npp 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\mui 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\inetsrv 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\IME 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\icsxml 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\ias 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\export 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\drivers 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\dhcp 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\config 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\3com_dmi 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\3076 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\2052 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1054 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1042 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1041 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1037 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1033 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1031 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1028 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32\1025 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\system32 2008-10-29 
06:10:13 ----D---- C:\WINDOWS.0\system 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\SoftwareDistribution 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\security 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Resources 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\repair 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Provisioning 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\PeerNet 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\pchealth 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\mui 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\msapps 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\msagent 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Media 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\java 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\ime 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Help 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\ehome 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Driver Cache 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Debug 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Cursors 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Connection Wizard 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\Config 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\AppPatch 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\addonsql 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0\addins 2008-10-29 06:10:13 ----D---- C:\WINDOWS.0 2008-10-28 22:46:05 ----A---- C:\WINDOWS.0\system32\ksuser.dll 2008-10-28 22:44:53 ----A---- C:\WINDOWS.0\system32\W70MLRES.DLL 2008-10-28 22:44:53 ----A---- C:\WINDOWS.0\system32\W20MLRES.DLL 2008-10-28 22:43:35 ----D---- C:\WINDOWS.0\nview 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nwiz.exe 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrszht.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrszhc.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrsko.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrsja.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrsit.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrsfr.dll 2008-10-28 22:43:15 ----A---- 
C:\WINDOWS.0\system32\nvwrses.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwrsde.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvwddi.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvsysrot.dll 2008-10-28 22:43:15 ----A---- C:\WINDOWS.0\system32\nvsvc32.exe 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvshell.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrszht.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrszhc.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrsko.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrsja.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrsit.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrsfr.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrses.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvrsde.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvoglnt.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvmctray.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvinstnt.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nviewimg.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nview.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nvcpl.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\nv4_disp.dll 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\keystone.exe 2008-10-28 22:43:14 ----A---- C:\WINDOWS.0\system32\dmcpl.exe 2008-10-28 22:42:48 ----D---- C:\Program Files\DIFX 2008-10-28 22:42:37 ----A---- C:\WINDOWS.0\system32\Netw2r32.dll 2008-10-28 22:42:37 ----A---- C:\WINDOWS.0\system32\Netw2c32.dll 2008-10-28 22:42:36 ----DC---- C:\WINDOWS.0\system32\DRVSTORE 2008-10-28 22:41:03 ----D---- C:\temp 2008-10-28 22:36:13 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Free Download Manager 2008-10-28 22:36:05 ----A---- C:\WINDOWS.0\system32\wmpns.dll 2008-10-28 22:34:17 ----RSD---- C:\WINDOWS.0\assembly 2008-10-28 22:34:02 ----D---- 
C:\WINDOWS.0\Microsoft.NET 2008-10-28 22:33:37 ----ASH---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\desktop.ini 2008-10-28 22:33:35 ----SD---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Microsoft 2008-10-28 22:33:35 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Real 2008-10-28 22:33:35 ----D---- C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Application Data\Mozilla 2008-10-28 22:33:27 ----D---- C:\WINDOWS.0\Prefetch 2008-10-28 22:33:26 ----SD---- C:\WINDOWS.0\system32\Microsoft 2008-10-28 22:33:26 ----A---- C:\WINDOWS.0\SchedLgU.Txt 2008-10-28 22:31:45 ----D---- C:\WINDOWS.0\system32\SoftwareDistribution 2008-10-28 22:31:32 ----A---- C:\WINDOWS.0\system32\rmoc3260.dll 2008-10-28 22:31:32 ----A---- C:\WINDOWS.0\system32\pndx5032.dll 2008-10-28 22:31:32 ----A---- C:\WINDOWS.0\system32\pndx5016.dll 2008-10-28 22:31:32 ----A---- C:\WINDOWS.0\system32\pncrt.dll 2008-10-28 22:31:31 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Real 2008-10-28 22:31:10 ----D---- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Adobe |
#4
|
|||
|
|||
2008-10-28 22:31:02 ----A---- C:\WINDOWS.0\UninstallFirefox.exe
2008-10-28 22:30:44 ----A---- C:\WINDOWS.0\system32\javaws.exe 2008-10-28 22:30:44 ----A---- C:\WINDOWS.0\system32\javaw.exe 2008-10-28 22:30:44 ----A---- C:\WINDOWS.0\system32\java.exe 2008-10-28 22:30:20 ----D---- C:\Program Files\Java 2008-10-28 22:30:04 ----A---- C:\WINDOWS.0\UninstallThunderbird.exe 2008-10-28 22:29:40 ----A---- C:\WINDOWS.0\control.ini 2008-10-28 22:29:18 ----A---- C:\WINDOWS.0\system32\mapi32.dll 2008-10-28 22:28:09 ----SD---- C:\WINDOWS.0\Downloaded Program Files 2008-10-28 22:28:09 ----RD---- C:\WINDOWS.0\Offline Web Pages 2008-10-28 22:28:09 ----RAH---- C:\WINDOWS.0\system32\logonui.exe.manifest 2008-10-28 22:28:00 ----RAH---- C:\WINDOWS.0\system32\cdplayer.exe.manifest 2008-10-28 22:27:32 ----D---- C:\WINDOWS.0\system32\DirectX 2008-10-28 22:27:02 ----A---- C:\WINDOWS.0\system32\atrace.dll 2008-10-28 22:27:00 ----A---- C:\WINDOWS.0\system32\desktop.ini 2008-10-28 22:27:00 ----A---- C:\WINDOWS.0\desktop.ini 2008-10-28 22:26:51 ----A---- C:\WINDOWS.0\system32\acctres.dll 2008-10-28 22:26:47 ----SD---- C:\WINDOWS.0\Tasks 2008-10-28 22:26:43 ----D---- C:\WINDOWS.0\system32\Macromed 2008-10-28 22:26:38 ----A---- C:\WINDOWS.0\system32\wuweb.dll 2008-10-28 22:26:38 ----A---- C:\WINDOWS.0\system32\wucltui.dll 2008-10-28 22:26:38 ----A---- C:\WINDOWS.0\system32\wuauserv.dll 2008-10-28 22:26:38 ----A---- C:\WINDOWS.0\system32\wuaueng1.dll 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\wups.dll 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\wuaueng.dll 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\wuauclt1.exe 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\wuauclt.exe 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\wuapi.dll 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\bitsprx3.dll 2008-10-28 22:26:37 ----A---- C:\WINDOWS.0\system32\bitsprx2.dll 2008-10-28 22:26:36 ----A---- C:\WINDOWS.0\system32\qmgrprxy.dll 2008-10-28 22:26:36 ----A---- C:\WINDOWS.0\system32\qmgr.dll 2008-10-28 22:26:31 ----A---- 
C:\WINDOWS.0\system32\safrslv.dll 2008-10-28 22:26:31 ----A---- C:\WINDOWS.0\system32\safrdm.dll 2008-10-28 22:26:31 ----A---- C:\WINDOWS.0\system32\safrcdlg.dll 2008-10-28 22:26:30 ----A---- C:\WINDOWS.0\system32\racpldlg.dll 2008-10-28 22:26:26 ----D---- C:\WINDOWS.0\system32\Restore 2008-10-28 22:26:26 ----A---- C:\WINDOWS.0\system32\srsvc.dll 2008-10-28 22:26:26 ----A---- C:\WINDOWS.0\system32\srrstr.dll 2008-10-28 22:26:26 ----A---- C:\WINDOWS.0\system32\srclient.dll 2008-10-28 22:26:26 ----A---- C:\WINDOWS.0\system32\fltMc.exe 2008-10-28 22:26:26 ----A---- C:\WINDOWS.0\system32\fltlib.dll 2008-10-28 22:26:25 ----A---- C:\WINDOWS.0\system32\msoert2.dll 2008-10-28 22:26:25 ----A---- C:\WINDOWS.0\system32\msoeacct.dll 2008-10-28 22:26:24 ----A---- C:\WINDOWS.0\system32\inetres.dll 2008-10-28 22:26:24 ----A---- C:\WINDOWS.0\system32\inetcomm.dll 2008-10-28 22:26:21 ----A---- C:\WINDOWS.0\system32\schedsvc.dll 2008-10-28 22:26:21 ----A---- C:\WINDOWS.0\system32\mstinit.exe 2008-10-28 22:26:21 ----A---- C:\WINDOWS.0\system32\mstask.dll 2008-10-28 22:25:24 ----A---- C:\WINDOWS.0\vbaddin.ini 2008-10-28 22:25:24 ----A---- C:\WINDOWS.0\vb.ini 2008-10-28 22:25:17 ----D---- C:\WINDOWS.0\Registration 2008-10-28 22:24:49 ----D---- C:\Program Files\Attribute Changer 2008-10-28 22:24:41 ----A---- C:\WINDOWS.0\system32\write.exe 2008-10-28 22:24:36 ----A---- C:\WINDOWS.0\system32\sndvol32.exe 2008-10-28 22:24:36 ----A---- C:\WINDOWS.0\system32\hticons.dll 2008-10-28 22:24:35 ----A---- C:\WINDOWS.0\system32\winchat.exe 2008-10-28 22:24:35 ----A---- C:\WINDOWS.0\system32\avwav.dll 2008-10-28 22:24:35 ----A---- C:\WINDOWS.0\system32\avtapi.dll 2008-10-28 22:24:35 ----A---- C:\WINDOWS.0\system32\avmeter.dll 2008-10-28 22:24:26 ----A---- C:\WINDOWS.0\system32\getuname.dll 2008-10-28 22:24:25 ----A---- C:\WINDOWS.0\system32\charmap.exe 2008-10-28 22:24:25 ----A---- C:\WINDOWS.0\system32\calc.exe 2008-10-28 22:24:24 ----A---- C:\WINDOWS.0\system32\winmine.exe 2008-10-28 22:24:24 
----A---- C:\WINDOWS.0\system32\sol.exe 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\usrlogon.cmd 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\tsshutdn.exe 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\tslabels.ini 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\tskill.exe 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\reset.exe 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\mshearts.exe 2008-10-28 22:24:23 ----A---- C:\WINDOWS.0\system32\freecell.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\tsdiscon.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\tscon.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\shadow.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\rwinsta.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\regini.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\rdpcfgex.dll 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\qwinsta.exe 2008-10-28 22:24:22 ----A---- C:\WINDOWS.0\system32\qappsrv.exe 2008-10-28 22:24:21 ----A---- C:\WINDOWS.0\system32\msg.exe 2008-10-28 22:24:21 ----A---- C:\WINDOWS.0\system32\msdtcprf.ini 2008-10-28 22:24:21 ----A---- C:\WINDOWS.0\system32\logoff.exe 2008-10-28 22:24:21 ----A---- C:\WINDOWS.0\system32\cdmodem.dll 2008-10-28 22:24:20 ----A---- C:\WINDOWS.0\system32\mtxlegih.dll 2008-10-28 22:24:20 ----A---- C:\WINDOWS.0\system32\mtxex.dll 2008-10-28 22:24:20 ----A---- C:\WINDOWS.0\system32\mtxdm.dll 2008-10-28 22:24:20 ----A---- C:\WINDOWS.0\system32\dcomcnfg.exe 2008-10-28 22:24:19 ----A---- C:\WINDOWS.0\system32\stclient.dll 2008-10-28 22:24:19 ----A---- C:\WINDOWS.0\system32\comsnap.dll 2008-10-28 22:24:19 ----A---- C:\WINDOWS.0\system32\comrepl.dll 2008-10-28 22:24:19 ----A---- C:\WINDOWS.0\system32\comaddin.dll 2008-10-28 22:24:12 ----A---- C:\WINDOWS.0\system32\wmimgmt.msc 2008-10-28 22:24:10 ----A---- C:\WINDOWS.0\system32\mspaint.exe 2008-10-28 22:24:10 ----A---- C:\WINDOWS.0\system32\hypertrm.dll 2008-10-28 22:24:09 ----A---- 
C:\WINDOWS.0\system32\spider.exe 2008-10-28 22:24:08 ----A---- C:\WINDOWS.0\system32\tscfgwmi.dll 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\sessmgr.exe 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\remotepg.dll 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\rdshost.exe 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\rdsaddin.exe 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\mstscax.dll 2008-10-28 22:24:07 ----A---- C:\WINDOWS.0\system32\mstsc.exe 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\tscupgrd.exe 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\termsrv.dll 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\rdpwsx.dll 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\rdpsnd.dll 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\rdpclip.exe 2008-10-28 22:24:06 ----A---- C:\WINDOWS.0\system32\rdchost.dll 2008-10-28 22:24:05 ----D---- C:\WINDOWS.0\system32\MsDtc 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\qprocess.exe 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\mtxoci.dll 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\msdtcuiu.dll 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\msdtcprx.dll 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\icaapi.dll 2008-10-28 22:24:05 ----A---- C:\WINDOWS.0\system32\cfgbkend.dll 2008-10-28 22:24:04 ----A---- C:\WINDOWS.0\system32\xolehlp.dll 2008-10-28 22:24:04 ----A---- C:\WINDOWS.0\system32\msdtctm.dll 2008-10-28 22:24:04 ----A---- C:\WINDOWS.0\system32\msdtclog.dll 2008-10-28 22:24:04 ----A---- C:\WINDOWS.0\system32\msdtc.exe 2008-10-28 22:24:03 ----D---- C:\WINDOWS.0\system32\Com 2008-10-28 22:24:03 ----A---- C:\WINDOWS.0\system32\colbact.dll 2008-10-28 22:24:03 ----A---- C:\WINDOWS.0\system32\clbcatex.dll 2008-10-28 22:24:03 ----A---- C:\WINDOWS.0\system32\catsrvps.dll 2008-10-28 22:24:02 ----A---- C:\WINDOWS.0\system32\catsrvut.dll 2008-10-28 22:24:02 ----A---- C:\WINDOWS.0\system32\catsrv.dll 2008-10-28 22:24:01 ----A---- 
C:\WINDOWS.0\system32\comuid.dll 2008-10-28 22:24:01 ----A---- C:\WINDOWS.0\system32\comsvcs.dll 2008-10-28 22:24:01 ----A---- C:\WINDOWS.0\system32\clbcatq.dll 2008-10-28 22:23:54 ----A---- C:\WINDOWS.0\system32\servdeps.dll 2008-10-28 22:23:54 ----A---- C:\WINDOWS.0\system32\mmfutil.dll 2008-10-28 22:23:54 ----A---- C:\WINDOWS.0\system32\licwmi.dll 2008-10-28 22:23:54 ----A---- C:\WINDOWS.0\system32\cmprops.dll 2008-10-28 17:17:37 ----D---- C:\Program Files\Alwil Software 2008-10-28 07:18:25 ----D---- C:\Program Files\Lavasoft 2008-10-28 07:17:58 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2008-10-28 06:43:41 ----D---- C:\Program Files\NoAdware 2008-10-28 06:13:50 ----D---- C:\a149ba2c150286148a80 2008-10-27 21:36:02 ----D---- C:\Program Files\Windows Live Safety Center 2008-10-27 19:23:17 ----D---- C:\Program Files\7-Zip 2008-10-27 18:40:42 ----D---- C:\Program Files\XP_AntiSpyware 2008-10-27 16:35:04 ----D---- C:\Downloads 2008-10-19 17:41:12 ----D---- C:\Program Files\ffdshow 2008-10-19 00:19:53 ----D---- C:\Program Files\NextLink 2008-10-03 12:04:13 ----D---- C:\Program Files\Intuwave 2008-10-03 12:04:08 ----D---- C:\Program Files\Symbian 2008-10-03 12:03:55 ----D---- C:\Program Files\Common Files\Sony Ericsson Shared 2008-10-03 12:03:53 ----D---- C:\Program Files\Common Files\Teleca Shared 2008-10-03 12:03:52 ----D---- C:\Program Files\Sony Ericsson 2008-10-02 11:10:10 ----D---- C:\Program Files\Microsoft ActiveSync 2008-10-02 11:09:51 ----D---- C:\Program Files\Common Files\DESIGNER 2008-10-02 11:09:38 ----D---- C:\Program Files\Microsoft.NET 2008-10-02 11:09:38 ----D---- C:\Program Files\Microsoft Office 2008-10-02 11:08:05 ----RHD---- C:\MSOCache |
#5
|
|||
|
|||
======List of files/folders modified in the last 1 months======
2008-10-30 06:31:42 ----RD---- C:\Program Files
2008-10-30 06:10:41 ----D---- C:\Program Files\Mozilla Firefox
2008-10-29 16:02:38 ----D---- C:\Program Files\MSN Messenger
2008-10-29 15:42:46 ----SHD---- C:\RECYCLER
2008-10-29 06:17:47 ----A---- C:\WINDOWS.0\system.ini
2008-10-28 22:46:02 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-28 22:33:35 ----D---- C:\Documents and Settings
2008-10-28 22:31:48 ----D---- C:\Program Files\WinRAR
2008-10-28 22:31:34 ----D---- C:\Program Files\Real Alternative
2008-10-28 22:31:27 ----D---- C:\Program Files\MozBackup
2008-10-28 22:30:57 ----D---- C:\Program Files\Free Download Manager
2008-10-28 22:30:04 ----D---- C:\Program Files\Mozilla Thunderbird
2008-10-28 22:30:04 ----A---- C:\WINDOWS.0\win.ini
2008-10-28 22:26:52 ----D---- C:\Program Files\Windows Media Player
2008-10-28 22:26:51 ----D---- C:\Program Files\Common Files\Services
2008-10-28 22:26:47 ----D---- C:\Program Files\Outlook Express
2008-10-28 22:26:25 ----D---- C:\Program Files\Common Files\System
2008-10-28 22:26:13 ----D---- C:\Program Files\Internet Explorer
2008-10-28 22:24:57 ----D---- C:\Program Files\Unlocker
2008-10-28 22:24:57 ----D---- C:\Program Files\RegShot
2008-10-28 22:24:56 ----D---- C:\Program Files\TaskSwitchXP
2008-10-28 22:24:48 ----D---- C:\Program Files\CCleaner
2008-10-28 22:24:35 ----D---- C:\Program Files\Windows NT
2008-10-28 22:22:47 ----SH---- C:\boot.ini
2008-10-28 18:07:40 ----D---- C:\WINDOWS
2008-10-28 07:17:58 ----D---- C:\Program Files\Common Files
2008-10-27 21:23:34 ----SHD---- C:\System Volume Information
2008-10-13 16:45:25 ----D---- C:\Program Files\LimeWire
2008-10-03 12:03:53 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Intel Processor Driver; C:\WINDOWS.0\system32\DRIVERS\intelppm.sys [2005-10-16 36096]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS.0\system32\DRIVERS\klif.sys [2008-10-30 187408]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS.0\system32\DRIVERS\arp1394.sys [2005-11-29 60800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS.0\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS.0\system32\DRIVERS\klim5.sys [2008-03-25 24592]
R3 NIC1394;1394 Net Driver; C:\WINDOWS.0\system32\DRIVERS\nic1394.sys [2005-11-29 61824]
R3 nv;nv; C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys [2004-04-15 1376268]
R3 sdbus;sdbus; C:\WINDOWS.0\system32\DRIVERS\sdbus.sys [2005-10-15 67584]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS.0\system32\drivers\stac97.sys [2003-07-17 230416]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbehci.sys [2005-10-23 27008]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS.0\system32\DRIVERS\usbhub.sys [2005-10-15 57856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS.0\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS.0\system32\DRIVERS\w29n51.sys [2006-06-29 2206720]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS.0\system32\DRIVERS\USBSTOR.SYS [2004-12-28 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS.0\system32\nvsvc32.exe [2004-04-15 90112]
S2 AVP;Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe [2008-04-25 201992]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS.0\system32\wdfmgr.exe [2005-11-24 47616]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-20 97136]
-----------------EOF-----------------
#6
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS.0\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS.0\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Attribute Changer 5.23-->C:\Program Files\Attribute Changer\uninstall.exe
Free Download Manager 1.9-->"C:\Program Files\Free Download Manager\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
J2SE Runtime Environment 5.0 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150050}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Kaspersky Anti-Virus 2009-->MsiExec.exe /I{6580C5A3-2336-4EC5-85F1-3448C5F6208A}
Microsoft .NET Framework 2.0-->C:\WINDOWS.0\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
MozBackup 1.4.3-->"C:\Program Files\MozBackup\unins000.exe"
Mozilla Firefox (1.5)-->C:\WINDOWS.0\UninstallFirefox.exe /ua "1.5 (en-US)"
Mozilla Thunderbird (1.5)-->C:\WINDOWS.0\UninstallThunderbird.exe /ua "1.5 (en-US)"
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS.0\system32\nvinstnt.dll,NvUninstallNT4 nvts.inf
Real Alternative 1.45-->"C:\Program Files\Real Alternative\unins000.exe"
RegShot 1.7-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\UberPack.inf,reguninstall
SigmaTel AC97 Audio Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7959721D-8268-4565-9E0E-C41A9F4848A9}\setup.exe" -l0x9 -nodialog -uninstall
TaskSwitchXP-->C:\Program Files\TaskSwitchXP\uninst.exe
Windows Driver Package - Intel (NETw3x32) net (07/26/2006 10.5.1.59)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.EXE /u C:\WINDOWS.0\system32\DRVSTORE\netw39x5_4FEAD36D67763DF9A95BB5067E0B102E4543CF4A\netw39x5.inf
Windows Driver Package - Intel (w29n51) net (06/26/2006 9.0.4.17)-->C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst.EXE /u C:\WINDOWS.0\system32\DRVSTORE\w29n51_605F72EAF6B2D8047B47B3889747852378DC95C3\w29n51.inf
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======
127.0.0.1 NtKrnlpa.cn

Securitycenter WMI appears to be broken

======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0d06
"NUMBER_OF_PROCESSORS"=1
"DEVMGR_SHOW_DETAILS"=1
"DEVMGR_SHOW_NONPRESENT_DEVICES"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
#7
Hi krytpo21. I have merged your topics to avoid duplication of replies. Please post all replies to this topic and don't start any new threads. Also, do not run any utilities or install any new software while I am helping you.
Please download SDFix from here and save it to your desktop.
Reboot into Safe Mode (reboot and tap the F8 key continuously as your computer restarts and select Safe Mode).
In Safe Mode, double-click on SDFix.exe and click on Install.
Navigate to C:\SdFix, open the SdFix folder and double-click RunThis.bat to start the script.
Type Y to begin the script.
It will remove any Trojan Services, then make some repairs to the registry and prompt you to press any key to Reboot.
When you hit any key, your computer will reboot.
Your system will take a lot longer than normal to restart as the fixtool will be running and removing files.
When your desktop loads, the utility will complete the removal and display Finished.
Press any key again to end the script and load your desktop icons.
Finally, open the SDFix folder on your desktop and copy and paste the contents of Report.txt back in this thread with a new RSIT log (don't worry about info.txt).
#8
That's the report from the SDfix
SDFix: Version 1.238
Run by Administrator on Thu 10/30/2008 at 07:29 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Desktop\SDFix\SDFix

Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Restoring Missing Security Center Service
Resetting AppInit_DLLs value
Rebooting

Infected beep.sys Found!
beep.sys File Locations:
"C:\WINDOWS.0\system32\dllcache\beep.sys" 28160 10/30/2008 02:53 PM
"C:\WINDOWS.0\system32\drivers\beep.sys" 28160 10/30/2008 02:53 PM
Infected File Listed Below:
C:\WINDOWS.0\system32\dllcache\beep.sys
C:\WINDOWS.0\system32\drivers\beep.sys
File copied to Backups Folder
Attempting to replace beep.sys with original version
Original beep.sys Restored
"C:\WINDOWS.0\system32\dllcache\beep.sys" 4224 08/07/2008 03:27 PM
"C:\WINDOWS.0\system32\drivers\beep.sys" 4224 08/07/2008 03:27 PM

Checking Files :
Trojan Files Found:
C:\DOCUME~1\ADMINI~1\COOKIES\PYPYHUBI.BAN - Deleted
C:\DOCUME~1\ADMINI~1\COOKIES\IGYSUMY.SCR - Deleted
C:\DOCUME~1\ADMINI~1\COOKIES\UJUSIB~1.SCR - Deleted
C:\DOCUME~1\ADMINI~1\COOKIES\ONUDAJ.SYS - Deleted
C:\Program Files\XP_Antispyware\Uninstall.exe - Deleted
C:\DOCUME~1\ADMINI~1.STE\LOCALS~1\Temp\tmp10.tmp - Deleted
C:\WINDOWS.0\system32\2.tmp - Deleted
C:\WINDOWS.0\system32\4.tmp - Deleted
C:\WINDOWS.0\system32\2.tmp - Deleted
C:\WINDOWS.0\system32\wini10331.exe - Deleted
C:\WINDOWS.0\brastk.exe - Deleted
C:\WINDOWS.0\karna.dat - Deleted
C:\WINDOWS.0\system32\brastk.exe - Deleted
C:\WINDOWS.0\system32\delself.bat - Deleted
C:\WINDOWS.0\system32\karna.dat - Deleted
Folder C:\Program Files\XP_Antispyware - Removed
Removing Temp Files

ADS Check :

Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-30 19:32:49
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwOpenFile
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"\\??\\C:\\WINDOWS.0\\system32\\winlogon.exe"="\\??\\C:\\WINDOWS.0\\system32\\winlogon.exe:*:enabled:@shell32.dll,-1"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :
File Backups: - C:\DOCUME~1\ADMINI~1.STE\Desktop\SDFix\SDFix\backups\backups.zip
Files with Hidden Attributes :
Finished!
#9
oh and also i was like looking at the other thread with the same problem as mine
and you told them to use kaspersky scan online and i kinda did that so heres the report for it
Friday, October 31, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, October 30, 2008 10:59:18
Records in database: 1360277
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area Critical Areas
C:\Documents and Settings\Administrator.STEFEN-ECB31D19\Start Menu\Programs\Startup
C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup
C:\Program Files
C:\WINDOWS.0
Scan statistics
Files scanned 16155
Threat name 3
Infected objects 508
Suspicious objects 0
Duration of the scan 00:22:15
#11
|
|||
|
|||
|
#12
|
|||
|
|||
I don't know if what I'm doing is right or wrong,
so yeah, correct me. Also, it won't allow me to run any kind of setup.exe! |
#13
|
||||
|
||||
I am really sorry, krytpo21, but your infection is far worse than the other topic you were looking at. Almost every executable file in your operating system is infected with Virut, and those that are not will be shortly. The only safe fix for this particular infection is to reformat and clean install XP.
|
#14
|
|||
|
|||
How do you reformat and clean it???
|
#15
|
|||
|
|||
But I don't have the recovery CD!
Does that mean my laptop is dead now???? |