
WinAntiVirusPro Problem

Discussion in 'Windows - Virus and spyware problems' started by Name05, Jul 22, 2006.

  1. Name05

    Name05 Member

    Joined:
    Jul 21, 2006
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    11
    My hjt log

    Logfile of HijackThis v1.99.1
    Scan saved at 4:23:54 AM, on 7/22/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
    C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Common Files\{C898C5E8-08A2-1033-1214-050303060001}\Update.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\\Desktop\HijackThis_v1.99.1.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\efcdbaa.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt1.dll
    O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148135882875
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: efcdbaa - C:\WINDOWS\SYSTEM32\efcdbaa.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: winjyp32 - winjyp32.dll (file missing)
    O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe


    any help will be greatly appreciated
     
    Last edited: Jul 22, 2006
  2. JaPK

    JaPK Regular member

    Joined:
    Feb 23, 2006
    Messages:
    1,269
    Likes Received:
    0
    Trophy Points:
    46
    Hi again Name05 :)

    You got infections...

    Download SmitfraudFix.zip to your desktop -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Unzip it (folder named SmitFraudFix) to your desktop:

    Open the folder SmitfraudFix and double-click smitfraudfix.cmd
    Choose option #1 - Search by typing 1 and pressing "Enter"; a text file opens and lists the infected files (if any exist)

    Post the contents of this text file here.

    (Some antiviruses recognise process.exe as malware. It is not malware, it is a program that stops processes)
     
  3. Name05

    Name05 Member

    Here is my smitfraud log

    SmitFraudFix v2.74

    Scan done at 11:43:50.60, Sun 07/23/2006
    Run from C:\Documents and Settings\Juston Worthington\Desktop\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\ixt?.dll FOUND !
    C:\WINDOWS\system32\ixt??.dll FOUND !
    C:\WINDOWS\system32\ot.ico FOUND !
    C:\WINDOWS\system32\components\flx?.dll FOUND !
    C:\WINDOWS\system32\components\flx??.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Juston Worthington\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\JUSTON~1\FAVORI~1

    C:\DOCUME~1\JUSTON~1\FAVORI~1\Antivirus Test Online.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"


    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"


    »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


    »»»»»»»»»»»»»»»»»»»»»»»» End
     
  4. JaPK

    JaPK Regular member

    Ok we'll continue...

    Cleaning instructions:

    Download and install Ewido Anti-Spyware 4.0 -> http://www.ewido.net/en/download/

    -> Open Ewido Anti-Spyware
    -> Click the Update icon at the top of the window
    -> Click the Start update button
    -> Wait for the update to download and install
    -> Quit the program, we'll use this later.

    Download ATF Cleaner by Atribune to your desktop -> http://www.atribune.org/ccount/click.php?id=1
    Do NOT run yet.

    Go to Control Panel -> Add/Remove programs -> Remove ToolBar888 if found

    Download VundoFix.exe to your desktop -> http://www.atribune.org/ccount/click.php?id=4

    * Double-click VundoFix.exe to run it.
    * Put a check next to Run VundoFix as a task.
    * You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
    * When VundoFix re-opens, click the Scan for Vundo button.
    * Once it's done scanning, click the Remove Vundo button.
    * You will receive a prompt asking if you want to remove the files, click YES
    * Once you click yes, your desktop will go blank as it starts removing Vundo.
    * When completed, it will prompt that it will shutdown your computer, click OK.
    * Turn your computer back on

    Run HijackThis. Press Do a system scan only, then close all other windows, checkmark the following entries and press Fix checked

    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\efcdbaa.dll
    O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt1.dll
    O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
    O20 - Winlogon Notify: efcdbaa - C:\WINDOWS\SYSTEM32\efcdbaa.dll
    O20 - Winlogon Notify: winjyp32 - winjyp32.dll (file missing)
    O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll (file missing)

    Make your hidden files visible -> http://www.bleepingcomputer.com/tutorials/tutorial62.html
    Restart your computer in safe mode -> http://www.pchell.com/support/safemode.shtml

    Delete these folders (if found):
    C:\Program Files\ToolBar888

    Use the Windows "search" function
    -> Start
    -> Search
    -> All files and folders
    -> More advanced options

    Checkmark these options:
    - "Search system folders"
    - "Search hidden files and folders"
    - "Search subfolders"

    ->Search for this and delete if found: winjyp32.dll

    Run ATF Cleaner -> Check select all -> Press Empty selected

    When in safe mode, open the SmitfraudFix folder and double-click the file smitfraudfix.cmd
    Choose option #2 - Clean by typing 2 and pressing "Enter" in order to remove the infected files.

    You are asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove your desktop wallpaper and the infected registry keys.

    The tool checks if wininet.dll file is infected. You might be asked to replace the infected .dll (if found); answer "Yes" by typing Y and press "Enter".

    The tool might have to restart your computer; if it doesn't, restart your computer back to normal mode.
    A text file will appear after the cleaning process; copy this file and paste it here.

    The log is saved to your local disk drive, usually C:\rapport.txt.

    Warning: Running option 2 on a clean computer will delete your desktop wallpaper.

    -> Open Ewido Anti-Spyware
    -> Click the Scanner icon at the top of the window
    -> Click the Settings tab then select Recommended Options and choose Quarantine
    -> Click the Scan tab
    -> Select Complete System Scan. The scanning begins.

    -> When the scan has completed:
    -> If infections were found you'll be prompted about what to do.
    -> Please make sure that Set all elements to is set to Quarantine (in the lower-left corner of the window)
    -> Then press Apply all actions and answer yes to all if it asks about something
    -> Click on the Save Scan Report button and save the scan to your Desktop.
    -> Copy and paste the scan results into your next post

    Post the following logs to here:
    -> a fresh HijackThis log
    -> Ewido's log
    -> Contents of C:\Rapport.txt
    -> Contents of C:\Vundofix.txt
     
    Last edited: Jul 23, 2006
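
An added example, not part of any post in this thread and not HijackThis's own logic: a small triage script that parses HijackThis O-lines and flags load-point entries for review. The three heuristics and the `LOAD_POINTS` set are assumptions made for this sketch, and the sample is constructed from a subset of the first log above; on that sample the flagged lines are the same seven entries listed in the post above.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section kind name path missing")

# Constructed sample: a subset of the O-lines from the first HijackThis log above.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\efcdbaa.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt1.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: efcdbaa - C:\WINDOWS\SYSTEM32\efcdbaa.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - winjyp32.dll (file missing)
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll (file missing)
"""

LINE_RE = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
MISSING = "(file missing)"
SYSTEM32 = "c:\\windows\\system32\\"
# Assumption for this sketch: the sections reviewed as browser/logon load points.
LOAD_POINTS = {"O2", "O3", "O20", "O21"}


def parse(log):
    """Turn 'Onn - Kind: name - {clsid} - path' lines into Entry tuples."""
    entries = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # header, process list, blank line
        section, kind, rest = m.groups()
        missing = rest.endswith(MISSING)
        if missing:
            rest = rest[: -len(MISSING)].rstrip()
        fields = rest.split(" - ")
        # The last field is the file path; O4-style lines have no such field.
        path = fields[-1].strip('"') if len(fields) > 1 else ""
        entries.append(Entry(section, kind, fields[0], path, missing))
    return entries


def dll_name(path):
    """Lower-cased file name without its directory."""
    return path.lower().rsplit("\\", 1)[-1]


def directly_in_system32(path):
    p = path.lower()
    return p.startswith(SYSTEM32) and "\\" not in p[len(SYSTEM32):]


def triage(entries):
    """Return [(entry, reasons)] in log order for entries worth a manual look."""
    reasons = {}
    for i, e in enumerate(entries):
        if e.section not in LOAD_POINTS:
            continue
        why = []
        if e.missing:
            why.append("registered but file missing")
        if e.section == "O2" and e.name == "(no name)" and directly_in_system32(e.path):
            why.append("unnamed BHO loaded from system32")
        if why:
            reasons[i] = why
    # Second pass: a Winlogon Notify DLL that is also a flagged entry elsewhere.
    flagged = {dll_name(entries[i].path) for i in reasons}
    for i, e in enumerate(entries):
        if (e.section == "O20" and i not in reasons
                and e.path and dll_name(e.path) in flagged):
            reasons[i] = ["Winlogon Notify DLL is also a flagged entry elsewhere"]
    return [(entries[i], reasons[i]) for i in sorted(reasons)]


if __name__ == "__main__":
    for entry, why in triage(parse(SAMPLE_LOG)):
        print(f"{entry.section:<4}{entry.name:<12}{entry.path}  <- {'; '.join(why)}")
```

A flag from this script marks an entry for manual review only; named entries in vendor directories and the O4, O9, O18 and O23 sections are outside what it checks.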
  5. Name05

    Name05 Member

    HijackThis
    Logfile of HijackThis v1.99.1
    Scan saved at 6:31:35 PM, on 7/23/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
    C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
    C:\Program Files\ewido anti-spyware 4.0\ewido.exe
    C:\Program Files\Steam\Steam.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Winamp\Winamp.exe
    C:\Documents and Settings\Juston Worthington\Desktop\HijackThis_v1.99.1.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148135882875
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

    Ewido
    ---------------------------------------------------------
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 6:30:18 PM 7/23/2006

    + Scan result:



    :mozilla.39:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.40:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.41:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.42:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
    :mozilla.36:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
    :mozilla.198:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.199:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.200:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
    :mozilla.82:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.83:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
    :mozilla.304:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Clickbank : No action taken.
    :mozilla.54:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
    :mozilla.216:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.217:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.218:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.223:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
    :mozilla.60:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.61:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.62:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.63:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
    :mozilla.305:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
    :mozilla.207:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.208:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.209:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.219:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.222:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.265:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.266:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
    :mozilla.232:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
    :mozilla.233:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
    :mozilla.234:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
    :mozilla.235:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
    :mozilla.194:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
    :mozilla.278:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Qksrv : No action taken.
    :mozilla.282:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Qksrv : No action taken.
    :mozilla.175:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.176:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.177:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
    :mozilla.290:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
    :mozilla.293:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
    :mozilla.294:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
    :mozilla.295:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
    :mozilla.251:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
    :mozilla.252:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Ru4 : No action taken.
    :mozilla.90:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.91:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.92:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.93:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
    :mozilla.297:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
    :mozilla.311:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Tracking101 : No action taken.
    :mozilla.8:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.9:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
    :mozilla.55:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.56:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.57:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.58:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
    :mozilla.59:C:\Documents and Settings\Juston Worthington\Application Data\Mozilla\Firefox\Profiles\nirqj598.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.


    ::Report end

    Rapport.txt
    SmitFraudFix v2.74

    Scan done at 18:09:17.42, Sun 07/23/2006
    Run from C:\Documents and Settings\Juston Worthington\Desktop\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    Fix ran in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\WINDOWS\system32\ixt?.dll Deleted
    C:\WINDOWS\system32\ot.ico Deleted
    C:\WINDOWS\system32\components\flx?.dll Deleted
    C:\DOCUME~1\JUSTON~1\FAVORI~1\Antivirus Test Online.url Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    VundoFix.txt
    VundoFix V5.1.5

    Running as SYSTEM
    from c:\windows\system32\VundoFix.exe

    Checking Java version...

    Java version is 1.5.0.3

    Java version is 1.5.0.6

    Scan started at 1:50:03 PM 7/23/2006

    Listing files found while scanning....

    Beginning removal...

    The process smss.exe was successfully stopped

    The process winlogon.exe was successfully stopped

    The process explorer.exe was successfully stopped

    The process iexplore.exe was successfully stopped

    The process rundll32.exe was successfully stopped

    C:\windows\system32\sstqn.dll Has been deleted!

    Attempting to delete C:\windows\system32\sstqo.dll
    C:\windows\system32\sstqo.dll Has been deleted!

    Attempting to delete C:\windows\system32\sstqp.dll
    C:\windows\system32\sstqp.dll Has been deleted!

    Attempting to delete C:\windows\system32\sstqq.dll
    C:\windows\system32\sstqq.dll Has been deleted!

    Attempting to delete C:\windows\system32\sstqr.dll
    C:\windows\system32\sstqr.dll Has been deleted!

    Attempting to delete C:\windows\system32\ssttq.dll
    C:\windows\system32\ssttq.dll Has been deleted!

    Attempting to delete C:\windows\system32\ssttr.dll
    C:\windows\system32\ssttr.dll Has been deleted!

    Attempting to delete C:\windows\system32\sstts.dll
    C:\windows\system32\sstts.dll Has been deleted!

    Attempting to delete C:\windows\system32\ssttt.dll
    C:\windows\system32\ssttt.dll Has been deleted!

    Attempting to delete C:\windows\system32\ssttu.dll
    C:\windows\system32\ssttu.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsqn.dll
    C:\windows\system32\vtsqn.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsqo.dll
    C:\windows\system32\vtsqo.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsqp.dll
    C:\windows\system32\vtsqp.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsqq.dll
    C:\windows\system32\vtsqq.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsqr.dll
    C:\windows\system32\vtsqr.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtstq.dll
    C:\windows\system32\vtstq.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtstr.dll
    C:\windows\system32\vtstr.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtsts.dll
    C:\windows\system32\vtsts.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtstt.dll
    C:\windows\system32\vtstt.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtstu.dll
    C:\windows\system32\vtstu.dll Has been deleted!

    Attempting to delete C:\windows\system32\vturo.dll
    C:\windows\system32\vturo.dll Has been deleted!

    Attempting to delete C:\windows\system32\vturp.dll
    C:\windows\system32\vturp.dll Has been deleted!

    Attempting to delete C:\windows\system32\vturq.dll
    C:\windows\system32\vturq.dll Has been deleted!

    Attempting to delete C:\windows\system32\vturr.dll
    C:\windows\system32\vturr.dll Has been deleted!

    Attempting to delete C:\windows\system32\vturs.dll
    C:\windows\system32\vturs.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtutq.dll
    C:\windows\system32\vtutq.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtutr.dll
    C:\windows\system32\vtutr.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtuts.dll
    C:\windows\system32\vtuts.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtutt.dll
    C:\windows\system32\vtutt.dll Has been deleted!

    Attempting to delete C:\windows\system32\vtutu.dll
    C:\windows\system32\vtutu.dll Has been deleted!

    Performing Repairs to the registry.
    Done!


    I couldn't find "winjyp32.dll" through the search function, and
    "O20 - Winlogon Notify: efcdbaa - C:\WINDOWS\SYSTEM32\efcdbaa.dll "
    wasn't there anymore when I ran HijackThis again. And the toolbar888 folder/Add/Remove wasn't found :eek:


    So far much appreciated, just hope nothing else is wrong :D
     
  6. JaPK

    JaPK Regular member

    Joined:
    Feb 23, 2006
    Messages:
    1,269
    Likes Received:
    0
    Trophy Points:
    46
    Ok looks clean now :)

    You seem to have two antiviruses running at the same time, AVG & Trendmicro. This is not recommended since it may cause severe problems.

    I recommend that you remove either AVG or TrendMicro through "Control Panel" -> "Add/Remove Programs"

    If you decide to remove TrendMicro, you need to install a new firewall too. In that case, these are good (free) firewalls:
    ZoneAlarm --> http://www.zonelabs.com
    Kerio--> http://www.sunbelt-software.com/Kerio.cfm
    Outpost-> http://www.agnitum.com

    You should update your Java (old version has all kinds of vulnerabilities)

    1. Click "Start"-> "Control panel" -> Double-click Java icon (coffee cup)
    2. Move to "Update" tab and update Java by clicking "Update Now". After that do a restart.
    3. If you can't do the automatic update, get the new version manually from here -> http://www.java.com/en/download/manual.jsp
    4. After updating, uninstall the old Java (if found) from Add/Remove Programs, named as
    J2SE Runtime Environment 5.0 Update 3
    J2SE Runtime Environment 5.0 Update 6


    Then you can make your hidden files hidden again.

    Then you can clean Ewido's quarantine:
    -> Open Ewido
    -> Choose "Infections"
    -> Click "Select all"
    -> Click "Remove finally"
    -> Close Ewido

    Now that you're clean, here are some tips on how to stay clean.

    -> Stand Up and Be Counted, Malware Complaints -> http://www.malwarecomplaints.info
    The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

    -> Clear your system restore -> http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx
    This will clear the system restore folders from possible malware that was left behind during the cleaning process. Remember to create a new restore point after the cleaning.

    -> Use CCleaner -> http://www.ccleaner.com
    Download and install CCleaner. Clean your registry and temporary files with it regularly.

    -> Use Ad-Aware -> http://www.bleepingcomputer.com/forums/?showtutorial=48
    Download and install Ad-Aware. Update it and scan your computer regularly with it.

    -> Use Ewido -> http://www.ewido.net/en
    Download and install Ewido. Update it and scan your computer regularly with it.

    -> Install SpywareBlaster -> http://www.javacoolsoftware.com/spywareblaster.html
    SpywareBlaster will prevent spyware from being installed to your computer.

    -> Install MVPS Hosts file -> http://mvps.org/winhelp2002/hosts.htm
    This prevents your computer from connecting to harmful sites.

    -> Change your browser to Firefox -> http://www.mozilla.org
    Firefox is a faster, safer and quicker browser than Internet Explorer.

    -> Keep your system up-to-date -> http://windowsupdate.microsoft.com
    Visit Windows Update regularly.

    -> Keep your antivirus and firewall up-to-date
    Scan your computer regularly with your antivirus.

    -> Read this article by TonyKlein -> http://castlecops.com/postlite7736-.html
    So how did I get infected in the first place?

    Stay clean ;)
     
    Last edited: Jul 24, 2006
