Tech Support Forum - View Single Post - popups, worms, and system problems ...pls help !!!

babbs · 04-14-2006, 11:51 AM

here are the contents of my scans

Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 4/14/2006 1:05:12 PM

Infected! C:\WINDOWS\system32\k408ledu1h08.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll
Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll
Infected! C:\WINDOWS\system32\dn4s01h7e.dll
Infected! C:\WINDOWS\system32\dnl0013me.dll
Infected! C:\WINDOWS\system32\dRdxof.dll
Infected! C:\WINDOWS\system32\en2ql1f51.dll
Infected! C:\WINDOWS\system32\fpjs0317e.dll
Infected! C:\WINDOWS\system32\g240lchm1f4a.dll
Infected! C:\WINDOWS\system32\h82o0if3e82.dll
Infected! C:\WINDOWS\system32\hazsnt12.dll
Infected! C:\WINDOWS\system32\hr0u05d9e.dll
Infected! C:\WINDOWS\system32\hr8605lse.dll
Infected! C:\WINDOWS\system32\hr8s05l7e.dll
Infected! C:\WINDOWS\system32\irjml5111.dll
Infected! C:\WINDOWS\system32\jt4207hoe.dll
Infected! C:\WINDOWS\system32\jt6607jse.dll
Infected! C:\WINDOWS\system32\k408ledu1h08.dll
Infected! C:\WINDOWS\system32\k8lq0i35e8.dll
Infected! C:\WINDOWS\system32\ktdus.dll
Infected! C:\WINDOWS\system32\ktjml7111.dll
Infected! C:\WINDOWS\system32\lv6o09j3e.dll
Infected! C:\WINDOWS\system32\mHg_hook.dll
Infected! C:\WINDOWS\system32\mjdtcprx.dll
Infected! C:\WINDOWS\system32\o884lilq18qe.dll
Infected! C:\WINDOWS\system32\s288lclu1fq8.dll
Infected! C:\WINDOWS\System32\guard.tmp

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\k408ledu1h08.dll
C:\WINDOWS\system32\k408ledu1h08.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll
C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\dn4s01h7e.dll
C:\WINDOWS\system32\dn4s01h7e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\dnl0013me.dll
C:\WINDOWS\system32\dnl0013me.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\dRdxof.dll
C:\WINDOWS\system32\dRdxof.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\en2ql1f51.dll
C:\WINDOWS\system32\en2ql1f51.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\fpjs0317e.dll
C:\WINDOWS\system32\fpjs0317e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\g240lchm1f4a.dll
C:\WINDOWS\system32\g240lchm1f4a.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\h82o0if3e82.dll
C:\WINDOWS\system32\h82o0if3e82.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\hazsnt12.dll
C:\WINDOWS\system32\hazsnt12.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\hr0u05d9e.dll
C:\WINDOWS\system32\hr0u05d9e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\hr8605lse.dll
C:\WINDOWS\system32\hr8605lse.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\hr8s05l7e.dll
C:\WINDOWS\system32\hr8s05l7e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\irjml5111.dll
C:\WINDOWS\system32\irjml5111.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\jt4207hoe.dll
C:\WINDOWS\system32\jt4207hoe.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\jt6607jse.dll
C:\WINDOWS\system32\jt6607jse.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\k408ledu1h08.dll
C:\WINDOWS\system32\k408ledu1h08.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\k8lq0i35e8.dll
C:\WINDOWS\system32\k8lq0i35e8.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\ktdus.dll
C:\WINDOWS\system32\ktdus.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\ktjml7111.dll
C:\WINDOWS\system32\ktjml7111.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\lv6o09j3e.dll
C:\WINDOWS\system32\lv6o09j3e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\mHg_hook.dll
C:\WINDOWS\system32\mHg_hook.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\mjdtcprx.dll
C:\WINDOWS\system32\mjdtcprx.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\o884lilq18qe.dll
C:\WINDOWS\system32\o884lilq18qe.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\s288lclu1fq8.dll
C:\WINDOWS\system32\s288lclu1fq8.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\System32\guard.tmp
C:\WINDOWS\System32\guard.tmp Deleted successfully!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Reinstall

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{1D144333-A75A-4CAB-B419-E2D56C762B9F}"
HKCR\Clsid\{1D144333-A75A-4CAB-B419-E2D56C762B9F}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{936F9E4C-637D-4EAC-9816-4ACA5F7A4F7A}"
HKCR\Clsid\{936F9E4C-637D-4EAC-9816-4ACA5F7A4F7A}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{089F0804-9A4C-4432-803C-9294CF313D4C}"
HKCR\Clsid\{089F0804-9A4C-4432-803C-9294CF313D4C}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{134E99F5-D0C8-41F0-8D53-9D808B19BB5F}"
HKCR\Clsid\{134E99F5-D0C8-41F0-8D53-9D808B19BB5F}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{B7E554BE-D491-4EC8-B375-9D4C340AD0E0}"
HKCR\Clsid\{B7E554BE-D491-4EC8-B375-9D4C340AD0E0}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file

Restoring SeDebugPrivilege for Administrators - Succeeded

======================================================

BFU v1.00.9
Windows XP SP1 (WinNT 5.01.2600 SP1)
Script started at 1:41:38 PM, on 4/14/2006

Failed: DllUnregister C:\WINDOWS\DH.dll|1 (file not found)
Failed: ServiceStop Network Monitor (service not found)
Failed: ServiceStop cmdService (service not found)
Failed: ServiceDisable Network Monitor (service not found)
Failed: ServiceDisable cmdService (service not found)
Failed: ServiceDelete Network Monitor (service not found)
Failed: ServiceDelete cmdService (service not found)
Failed: RegDelValue HKCU\System\CurrentControlSet\Control\Lsa|p2pnetwork (key not found)
Failed: RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations|LowRiskFileTypes (key not found)
Failed: RegDelValue HKLM\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\SharedTaskScheduler|{4F141CBA-1457-6CCA-03A7-7AA21B61EA0F} (key not found)
Option pause between commands: 300 ms
Option pause between commands: 50 ms
Failed: FolderDelete C:\Program Files\MsConfigs (folder not found)
Failed: FolderDelete C:\Program Files\winupdates (folder not found)
Failed: FolderDelete C:\Program Files\winupdate (folder not found)
Failed: FolderDelete C:\Program Files\winsupdater (folder not found)
Failed: FolderDelete C:\Program Files\MsUpdate (folder not found)
Failed: FolderDelete C:\Program Files\MsMovies (folder not found)
Failed: FolderDelete C:\Program Files\wmplayer (folder not found)
Failed: FolderDelete C:\Program Files\outlook (folder not found)
Failed: FileDelete C:\Program Files\Common Files\Download\mc-*-*.exe (operation failed)
Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\Perflib_Perfdata_11c.dat (operation failed)
Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\Perflib_Perfdata_d3c.dat (operation failed)
Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF5343.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF5428.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF8FE9.tmp (operation failed)
Failed: FolderDelete C:\Program Files\Maxifiles (folder not found)
Failed: FolderDelete C:\Program Files\DNS (folder not found)
Failed: FolderDelete C:\Program Files\EQAdvice (folder not found)
Failed: FolderDelete C:\Program Files\FCAdvice (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\FreeProd1 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\FreeProd2 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\InetGet2 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\VCClient (folder not found)
Failed: FolderDelete C:\Program Files\Network Monitor (folder not found)
Failed: FolderDelete C:\WINDOWS\inet20001 (folder not found)
Failed: FolderDelete C:\Program Files\Update06 (folder not found)
Failed: FileMove C:\WINDOWS\win*-*.exe|C:\bintheredunthat (source file not found)
Script completed.

===========================================

Logfile of HijackThis v1.99.1
Scan saved at 1:47:26 PM, on 4/14/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\NaviSearch\bin\nls.exe
C:\WINDOWS\system32\s?stem32\regedit.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Brendas%20blank.HTM
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\blank1.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://red.clientapps.yahoo.com/cust...//my.yahoo.com
F3 - REG:win.ini: load=?????? ?????
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\utilities\movie factory\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [w008ec8b.dll] RUNDLL32.EXE w008ec8b.dll,I2 000284cc0008ec8b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKCU\..\Run: [Voswxaa] C:\WINDOWS\system32\s?stem32\regedit.exe
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

thanks for the help .. so far didnt get that many pop ups

04-14-2006, 11:51 AM	#3 (permalink)
babbs Registered User Join Date: Jun 2005 Posts: 34 OS: xp	popup con't... here are the contents of my scans Look2Me-Destroyer V1.0.12 Scanning for infected files..... Scan started at 4/14/2006 1:05:12 PM Infected! C:\WINDOWS\system32\k408ledu1h08.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll Infected! C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll Infected! C:\WINDOWS\system32\dn4s01h7e.dll Infected! C:\WINDOWS\system32\dnl0013me.dll Infected! C:\WINDOWS\system32\dRdxof.dll Infected! C:\WINDOWS\system32\en2ql1f51.dll Infected! C:\WINDOWS\system32\fpjs0317e.dll Infected! C:\WINDOWS\system32\g240lchm1f4a.dll Infected! C:\WINDOWS\system32\h82o0if3e82.dll Infected! C:\WINDOWS\system32\hazsnt12.dll Infected! C:\WINDOWS\system32\hr0u05d9e.dll Infected! C:\WINDOWS\system32\hr8605lse.dll Infected! C:\WINDOWS\system32\hr8s05l7e.dll Infected! C:\WINDOWS\system32\irjml5111.dll Infected! C:\WINDOWS\system32\jt4207hoe.dll Infected! C:\WINDOWS\system32\jt6607jse.dll Infected! C:\WINDOWS\system32\k408ledu1h08.dll Infected! C:\WINDOWS\system32\k8lq0i35e8.dll Infected! C:\WINDOWS\system32\ktdus.dll Infected! C:\WINDOWS\system32\ktjml7111.dll Infected! C:\WINDOWS\system32\lv6o09j3e.dll Infected! C:\WINDOWS\system32\mHg_hook.dll Infected! C:\WINDOWS\system32\mjdtcprx.dll Infected! C:\WINDOWS\system32\o884lilq18qe.dll Infected! C:\WINDOWS\system32\s288lclu1fq8.dll Infected! C:\WINDOWS\System32\guard.tmp Attempting to delete infected files... Attempting to delete: C:\WINDOWS\system32\k408ledu1h08.dll C:\WINDOWS\system32\k408ledu1h08.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161613.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161623.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161659.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0161661.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP510\A0162664.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165668.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165685.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0165689.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0166688.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167688.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167718.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167726.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167736.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167737.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP511\A0167748.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP516\A0168382.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP517\A0168547.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0168758.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0169548.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170545.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170555.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170570.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0170576.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171576.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171586.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171590.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP518\A0171593.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171596.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171597.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171635.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171674.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171684.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171758.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171763.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171778.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171781.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171791.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171810.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171816.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171819.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171820.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171824.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171826.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171830.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171895.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171899.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171901.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0171905.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP519\A0172904.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173904.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173916.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0173925.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0174925.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175916.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175921.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP520\A0175922.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176014.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0176015.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177014.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177051.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177059.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll C:\System Volume Information\_restore{3D7A16A6-E25D-4F0A-AD55-2D68795D5B33}\RP522\A0177060.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\dn4s01h7e.dll C:\WINDOWS\system32\dn4s01h7e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\dnl0013me.dll C:\WINDOWS\system32\dnl0013me.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\dRdxof.dll C:\WINDOWS\system32\dRdxof.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\en2ql1f51.dll C:\WINDOWS\system32\en2ql1f51.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\fpjs0317e.dll C:\WINDOWS\system32\fpjs0317e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\g240lchm1f4a.dll C:\WINDOWS\system32\g240lchm1f4a.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\h82o0if3e82.dll C:\WINDOWS\system32\h82o0if3e82.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\hazsnt12.dll C:\WINDOWS\system32\hazsnt12.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\hr0u05d9e.dll C:\WINDOWS\system32\hr0u05d9e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\hr8605lse.dll C:\WINDOWS\system32\hr8605lse.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\hr8s05l7e.dll C:\WINDOWS\system32\hr8s05l7e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\irjml5111.dll C:\WINDOWS\system32\irjml5111.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\jt4207hoe.dll C:\WINDOWS\system32\jt4207hoe.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\jt6607jse.dll C:\WINDOWS\system32\jt6607jse.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\k408ledu1h08.dll C:\WINDOWS\system32\k408ledu1h08.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\k8lq0i35e8.dll C:\WINDOWS\system32\k8lq0i35e8.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktdus.dll C:\WINDOWS\system32\ktdus.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktjml7111.dll C:\WINDOWS\system32\ktjml7111.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lv6o09j3e.dll C:\WINDOWS\system32\lv6o09j3e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\mHg_hook.dll C:\WINDOWS\system32\mHg_hook.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\mjdtcprx.dll C:\WINDOWS\system32\mjdtcprx.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\o884lilq18qe.dll C:\WINDOWS\system32\o884lilq18qe.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\s288lclu1fq8.dll C:\WINDOWS\system32\s288lclu1fq8.dll Deleted successfully! Attempting to delete: C:\WINDOWS\System32\guard.tmp C:\WINDOWS\System32\guard.tmp Deleted successfully! Making registry repairs. Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Reinstall Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{1D144333-A75A-4CAB-B419-E2D56C762B9F}" HKCR\Clsid\{1D144333-A75A-4CAB-B419-E2D56C762B9F} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{936F9E4C-637D-4EAC-9816-4ACA5F7A4F7A}" HKCR\Clsid\{936F9E4C-637D-4EAC-9816-4ACA5F7A4F7A} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{089F0804-9A4C-4432-803C-9294CF313D4C}" HKCR\Clsid\{089F0804-9A4C-4432-803C-9294CF313D4C} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{134E99F5-D0C8-41F0-8D53-9D808B19BB5F}" HKCR\Clsid\{134E99F5-D0C8-41F0-8D53-9D808B19BB5F} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{B7E554BE-D491-4EC8-B375-9D4C340AD0E0}" HKCR\Clsid\{B7E554BE-D491-4EC8-B375-9D4C340AD0E0} Restoring Windows certificates. Replaced hosts file with default windows hosts file Restoring SeDebugPrivilege for Administrators - Succeeded ====================================================== BFU v1.00.9 Windows XP SP1 (WinNT 5.01.2600 SP1) Script started at 1:41:38 PM, on 4/14/2006 Failed: DllUnregister C:\WINDOWS\DH.dll\|1 (file not found) Failed: ServiceStop Network Monitor (service not found) Failed: ServiceStop cmdService (service not found) Failed: ServiceDisable Network Monitor (service not found) Failed: ServiceDisable cmdService (service not found) Failed: ServiceDelete Network Monitor (service not found) Failed: ServiceDelete cmdService (service not found) Failed: RegDelValue HKCU\System\CurrentControlSet\Control\Lsa\|p2pnetwork (key not found) Failed: RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\|LowRiskFileTypes (key not found) Failed: RegDelValue HKLM\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\SharedTaskScheduler\|{4F141CBA-1457-6CCA-03A7-7AA21B61EA0F} (key not found) Option pause between commands: 300 ms Option pause between commands: 50 ms Failed: FolderDelete C:\Program Files\MsConfigs (folder not found) Failed: FolderDelete C:\Program Files\winupdates (folder not found) Failed: FolderDelete C:\Program Files\winupdate (folder not found) Failed: FolderDelete C:\Program Files\winsupdater (folder not found) Failed: FolderDelete C:\Program Files\MsUpdate (folder not found) Failed: FolderDelete C:\Program Files\MsMovies (folder not found) Failed: FolderDelete C:\Program Files\wmplayer (folder not found) Failed: FolderDelete C:\Program Files\outlook (folder not found) Failed: FileDelete C:\Program Files\Common Files\Download\mc--.exe (operation failed) Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\Perflib_Perfdata_11c.dat (operation failed) Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\Perflib_Perfdata_d3c.dat (operation failed) Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF5343.tmp (operation failed) Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF5428.tmp (operation failed) Failed: FileDelete C:\DOCUME~1\BRENDA~1\LOCALS~1\Temp\~DF8FE9.tmp (operation failed) Failed: FolderDelete C:\Program Files\Maxifiles (folder not found) Failed: FolderDelete C:\Program Files\DNS (folder not found) Failed: FolderDelete C:\Program Files\EQAdvice (folder not found) Failed: FolderDelete C:\Program Files\FCAdvice (folder not found) Failed: FolderDelete C:\Program Files\Common Files\FreeProd1 (folder not found) Failed: FolderDelete C:\Program Files\Common Files\FreeProd2 (folder not found) Failed: FolderDelete C:\Program Files\Common Files\InetGet2 (folder not found) Failed: FolderDelete C:\Program Files\Common Files\VCClient (folder not found) Failed: FolderDelete C:\Program Files\Network Monitor (folder not found) Failed: FolderDelete C:\WINDOWS\inet20001 (folder not found) Failed: FolderDelete C:\Program Files\Update06 (folder not found) Failed: FileMove C:\WINDOWS\win-.exe\|C:\bintheredunthat (source file not found) Script completed. =========================================== Logfile of HijackThis v1.99.1 Scan saved at 1:47:26 PM, on 4/14/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\System32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\NaviSearch\bin\nls.exe C:\WINDOWS\system32\s?stem32\regedit.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\iexplore.exe C:\HJT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Brendas%20blank.HTM R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\blank1.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://red.clientapps.yahoo.com/cust...//my.yahoo.com F3 - REG:win.ini: load=?????? ????? F2 - REG:system.ini: UserInit=userinit.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\utilities\movie factory\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL O4 - HKLM\..\Run: [w008ec8b.dll] RUNDLL32.EXE w008ec8b.dll,I2 000284cc0008ec8b O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe O4 - HKCU\..\Run: [Voswxaa] C:\WINDOWS\system32\s?stem32\regedit.exe O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing) O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - C:\WINDOWS\System32\dmonwv.dll (file missing) O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/def...ploader_v6.cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe thanks for the help .. so far didnt get that many pop ups