Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Infections, Infections, Infections...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Infections, Infections, Infections...

Unread postby DannySteel » July 25th, 2009, 3:40 am

Hello,
Recently I did a scan using the anti-virus software on my PC and it reported that I had quite a few viruses. I attempted to remove them, however this didn't work. Could someone please help me remove them? Thanks.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\System32\svchost.exe
D:\Downloads\HijackThis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.telstra.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telstra BigPond Home Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Fire-Trust SiteHound - {C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O3 - Toolbar: SiteHound - {73F7F495-A325-4C52-BE48-5F97FA511E89} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/sr ... ab_srl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www4.snapfish.com.au/SnapfishActivia.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6505 bytes
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am
Advertisement
Register to Remove

Re: Infections, Infections, Infections...

Unread postby muppy03 » July 25th, 2009, 7:36 pm

Hello and welcome to Malware Removal Forums

IMPORTANT

Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
To make cleaning this machine easier:-
  • Continue to respond to this thread until I give you the All Clean!
  • Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
  • Please do not run any scans other than those requested and do not post any logs/reports unless specifically requested to do so.
  • Please follow all instructions in the order posted.
  • If you have any questions or do not understand instructions, please ask before continuing.
  • Please reply to this thread. Do not start a new topic.

Make an uninstall list using HijackThis
To access the Uninstall Manager you would do the following:
  • Start HijackThis
  • Click on the Config button
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
  • Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Save the file to your desktop.

Please post this log on your next reply.

I see that you have Malwarebytes. Did you run a scan with this? I would like to see the report it produced. Also could you tell be what problems you are having?

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

NEXT Download and Run: RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Please reply with:-
  • Uninstall list
  • MBAM log
  • RSIT logs ( info.txt and log.txt)
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4782
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 26th, 2009, 9:02 pm

Hello muppy03,
Thankyou for your quick reply. My computer is really slow and AVG Anti-Virus keeps reporting viruses attached to iTunes files, even though I remove them.

Here is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

7/27/2009 10:52:34 AM
mbam-log-2009-07-27 (10-52-34).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 174548
Time elapsed: 1 hour(s), 27 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Last edited by DannySteel on July 26th, 2009, 9:13 pm, edited 1 time in total.
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 26th, 2009, 9:03 pm

Uninstall List:

Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Media Player
Adobe Reader 9.1.2
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.0
Apple Mobile Device Support
Apple Software Update
AVG Free 8.5
Bonjour
Critical Update for Windows Media Player 11 (KB959772)
DVD Region+CSS Free 5.9.8.5
DVD Shrink 3.2
ESET Online Scanner v3
e-tax 2009
GEAR driver installer for x86 and x64
getPlus(R) for Adobe
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Intel(R) Extreme Graphics Driver
Intel(R) PRO Network Adapters and Drivers
iTunes
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 26th, 2009, 9:04 pm

Logfile of random's system information tool 1.06 (written by random/random)
Run by DV at 2009-07-27 11:06:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 313 MB (4%) free of 8 GB
Total RAM: 495 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:00 AM, on 7/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Downloads\RSIT\RSIT.exe
D:\Downloads\HijackThis\DV.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.telstra.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telstra BigPond Home Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Fire-Trust SiteHound - {C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O3 - Toolbar: SiteHound - {73F7F495-A325-4C52-BE48-5F97FA511E89} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - D:\Program Files\FireTrust\SiteHound\SiteHound.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.systemrequirementslab.com/sr ... ab_srl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www4.snapfish.com.au/SnapfishActivia.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6472 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-25 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53}]
CPub Object - D:\Program Files\FireTrust\SiteHound\SiteHound.dll [2008-03-14 1592416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{73F7F495-A325-4C52-BE48-5F97FA511E89} - SiteHound - D:\Program Files\FireTrust\SiteHound\SiteHound.dll [2008-03-14 1592416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-16 1948440]
""= []
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-11-13 981904]
"WinPatrol"=D:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2009-03-18 337216]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-05-21 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Picture Organiser\HomeOrderUpload.exe"="C:\Program Files\Picture Organiser\HomeOrderUpload.exe:*:Enabled:HomeOrderUpload"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"F:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="F:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\Program Files\iTunes\iTunes.exe"="F:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2009-07-25 13:14:50 ----D---- C:\rsit
2009-07-15 19:24:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 19:23:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 19:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-08 07:55:19 ----D---- C:\etax2009
2009-07-02 19:28:26 ----D---- C:\WINDOWS\ie8updates
2009-07-02 19:26:56 ----D---- C:\WINDOWS\WBEM
2009-07-02 19:25:05 ----HDC---- C:\WINDOWS\ie8

======List of files/folders modified in the last 1 months======

2009-07-27 11:06:49 ----D---- C:\WINDOWS\Prefetch
2009-07-27 10:54:20 ----D---- C:\WINDOWS\Temp
2009-07-27 09:08:12 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-27 08:01:45 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-27 08:00:59 ----D---- C:\Documents and Settings\DV\Application Data\SiteHound
2009-07-27 07:53:57 ----D---- C:\WINDOWS\Internet Logs
2009-07-27 07:51:54 ----AD---- C:\WINDOWS
2009-07-26 21:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-26 12:05:14 ----HD---- C:\$AVG8.VAULT$
2009-07-25 17:34:11 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-25 17:22:43 ----D---- C:\WINDOWS\system32\drivers
2009-07-23 19:59:30 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-07-15 19:24:05 ----HD---- C:\WINDOWS\inf
2009-07-15 19:24:01 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-15 19:23:58 ----A---- C:\WINDOWS\imsins.BAK
2009-07-15 19:23:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-15 19:23:54 ----D---- C:\WINDOWS\system32
2009-07-14 08:57:30 ----SHD---- C:\WINDOWS\Installer
2009-07-14 08:57:28 ----D---- C:\Program Files\Telstra
2009-07-08 07:56:04 ----SD---- C:\Documents and Settings\DV\Application Data\Microsoft
2009-07-08 01:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-07 18:57:56 ----D---- C:\WINDOWS\network diagnostic
2009-07-07 09:34:51 ----A---- C:\WINDOWS\DVDRegionFree.INI
2009-07-03 07:51:12 ----D---- C:\WINDOWS\Help
2009-07-03 07:51:12 ----D---- C:\Program Files\Internet Explorer
2009-07-02 19:27:06 ----D---- C:\WINDOWS\system32\config
2009-07-02 19:26:56 ----D---- C:\WINDOWS\system32\en-us
2009-07-02 19:26:47 ----D---- C:\WINDOWS\Media
2009-07-02 03:03:34 ----D---- C:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-25 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-06-17 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-21 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-16 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-16 78752]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-12 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-01-10 601100]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2003-03-05 145408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-04-16 90907]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 SMBios;Intel (R) System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2003-10-15 36484]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-21 9856]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-09-18 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-09-18 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-09-18 88688]
S3 se27nd5;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS); C:\WINDOWS\system32\DRIVERS\se27nd5.sys [2006-09-18 18704]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-09-18 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-09-18 90800]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-05 132424]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-25 907032]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-05-21 298776]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby muppy03 » July 26th, 2009, 9:27 pm

Hello, You ran a new scan of MBAM. Do you have a previous log, one that showed what infections it cleaned? That is the one I was after.
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4782
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Infections, Infections, Infections...

Unread postby muppy03 » July 27th, 2009, 3:16 am

Hi Danny

You only posted one of the RSIT logs, I need the info.txt. It can be found in the
C:\RSit folder. Please post on your next reply.


TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


WGA Diagnostic Tool

Please follow this WGA troubleshooting procedure:

Please post (reply) with the results.

Please reply with:-
  • WGA diagnostic report
  • RSIT log ( info.txt)
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4782
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 27th, 2009, 5:47 am

Here is the MalwareBytes' log you requested. However MalwareBytes' didn't detect the viruses, AVG did and I removed them using that software...

Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

7/25/2009 6:58:12 PM
mbam-log-2009-07-25 (18-58-12).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 173198
Time elapsed: 1 hour(s), 24 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 27th, 2009, 5:51 am

Here is the AVG log:

Scan "Scheduled scan" was finished.
Infections;"370";"173";"197"
Folders selected for scanning:;"Scan whole computer"
Scan started:;"Saturday, July 25, 2009, 12:00:02 PM"
Scan finished:;"Saturday, July 25, 2009, 1:08:44 PM (1 hour(s) 8 minute(s) 42 second(s))"
Total object scanned:;"451731"
User who launched the scan:;"SYSTEM"

Infections
File;"Infection";"Result"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_da.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_de.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_en.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_es.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_fi.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_fr.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_iPodService.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_it.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_ja.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_ko.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_nb.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_nl.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_pl.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_pt.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_pt_PT.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_ru.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_sv.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_zh_CN.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iPodService.Resources_zh_TW.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_da.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_da.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_de.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_de.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_en.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_en.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_es.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_es.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_fi.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_fi.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_fr.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_fr.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_it.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_it.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunes.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunes.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunesRegistry.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ja.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ja.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ko.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ko.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_nb.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_nb.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_nl.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_nl.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pl.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pl.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt_PT.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt_PT.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ru.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_ru.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_sv.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_sv.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_CN.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_CN.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_TW.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_TW.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_da.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_de.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_en.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_es.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_fi.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_fr.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_it.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_iTunesHelper.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ja.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ko.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_nb.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_nl.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pl.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pt.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pt_PT.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ru.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_sv.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_zh_CN.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_zh_TW.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_da.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_de.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_en.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_es.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_fi.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_fr.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_it.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_iTunesMiniPlayer.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ja.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ko.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_nb.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_nl.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pl.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pt.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pt_PT.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ru.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_sv.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_zh_CN.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.0.52\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_zh_TW.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
C:\Program Files\iPod\bin\iPodService.Resources\da.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\de.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\es.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\fi.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\it.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\ja.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\ko.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\nb.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\nl.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\pl.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\pt.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\pt_PT.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\ru.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\sv.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\Program Files\iPod\bin\iPodService.Resources\zh_TW.lproj\iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021179.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021180.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021181.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021182.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021183.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021184.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021185.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021186.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021187.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021188.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021189.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021190.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021191.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021192.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021193.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021194.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021195.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021196.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
C:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021197.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
D:\Downloads\Apple\iTunesSetup.exe;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_da.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_de.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_en.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_es.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_fi.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_fr.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_iPodService.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_it.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_ja.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_ko.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_nb.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_nl.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_pl.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_pt.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_pt_PT.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_ru.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_sv.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_zh_CN.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iPodService.Resources_zh_TW.lproj_iPodServiceLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_da.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_da.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_de.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_de.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_en.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_en.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_es.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_es.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_fi.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_fi.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_fr.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_fr.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_it.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_it.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunes.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunes.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_iTunesRegistry.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ja.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ja.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ko.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ko.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_nb.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_nb.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_nl.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_nl.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pl.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pl.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt_PT.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ru.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_ru.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_sv.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_sv.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_CN.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_CN.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_TW.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_zh_TW.lproj_iTunesLocalized.qtr;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_da.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_de.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_en.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_es.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_fi.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_fr.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_it.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_iTunesHelper.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ja.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ko.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_nb.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_nl.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pl.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pt.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_pt_PT.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_sv.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_zh_CN.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_zh_TW.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunes.Resources_pt_PT.lproj_iTunesLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_da.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_de.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_en.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesHelper.Resources_ru.lproj_iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_es.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_fr.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_it.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_fi.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_iTunesMiniPlayer.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ja.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_nl.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pl.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pt.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_pt_PT.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ko.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_nb.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_ru.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_sv.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_zh_CN.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
D:\Downloads\Apple\iTunesSetup.exe:\iTunes.msi:\iTunes.cab:\iTunesMiniPlayer.Resources_zh_TW.lproj_iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Infected"
F:\Program Files\iTunes\iTunes.Resources\da.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\da.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\de.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\de.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\en.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\es.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\es.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\fi.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\fi.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\fr.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\fr.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\it.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\it.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\iTunes.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\iTunes.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\iTunesRegistry.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ja.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ja.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ko.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ko.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\nb.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\nb.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\nl.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\nl.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pl.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pl.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pt.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pt.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pt_PT.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\pt_PT.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ru.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\ru.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\sv.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\sv.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\zh_CN.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\zh_TW.lproj\iTunesLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunes.Resources\zh_TW.lproj\iTunesLocalized.qtr;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\da.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\es.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\fi.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\it.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\ja.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\ko.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\nb.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\nl.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\pt.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\pt_PT.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\ru.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\sv.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesHelper.Resources\zh_TW.lproj\iTunesHelperLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\da.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\de.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\es.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\fi.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\fr.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\it.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\ja.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\ko.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\nb.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\nl.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\pl.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\pt.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\pt_PT.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\ru.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\sv.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\zh_CN.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\Program Files\iTunes\iTunesMiniPlayer.Resources\zh_TW.lproj\iTunesMiniPlayerLocalized.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021198.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021199.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021200.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021201.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021202.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021203.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021204.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021205.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021206.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021207.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021208.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021209.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021210.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021211.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021212.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021213.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021214.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021215.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021216.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021217.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021218.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021219.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021220.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021221.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021222.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021223.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021224.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021225.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021226.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021227.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021228.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021229.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021230.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021231.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021232.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021233.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021234.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021235.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021236.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021237.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021238.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021239.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021240.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021241.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021242.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021243.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021244.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021245.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021246.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021247.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021248.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021249.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021250.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021251.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021252.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021253.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021254.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"
F:\System Volume Information\_restore{33A6FD2B-3244-4386-BD2B-C9882DF81B80}\RP112\A0021255.dll;"Trojan horse Small.BOG";"Moved to Virus Vault"

Warnings
File;"Infection";"Result"
C:\Documents and Settings\DV\Cookies\dv@atdmt[2].txt;"Found ";"Moved to Virus Vault"
C:\Documents and Settings\DV\Cookies\dv@atdmt[2].txt:\atdmt.com.74c5668;"Found ";"Moved to Virus Vault"
C:\Documents and Settings\DV\Cookies\dv@atdmt[2].txt:\atdmt.com.9e6d7fd3;"Found ";"Moved to Virus Vault"
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 27th, 2009, 5:56 am

info.txt logfile of random's system information tool 1.06 2009-07-25 13:16:25

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Media Player-->msiexec /qb /x {5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Media Player-->MsiExec.exe /I{5C74694C-A687-E3EB-FF18-B018D4A76ECD}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Apple Mobile Device Support-->MsiExec.exe /I{162B71B8-8464-4680-A086-601D555B331D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
DVD Region+CSS Free 5.9.8.5-->"D:\Program Files\DVD Region+CSS Free\unins000.exe"
DVD Shrink 3.2-->"D:\Program Files\DVD Shrink\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
e-tax 2009-->MsiExec.exe /X{0A8C7880-F199-4807-ABD4-6E695B71A3D7}
GEAR driver installer for x86 and x64-->MsiExec.exe /I{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
HijackThis 2.0.2-->"D:\SIN_ISLAND\SIN_ISLAND1\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office XP Media Content-->MsiExec.exe /I{90300409-6000-11D3-8CFE-0050048383C9}
Microsoft Office XP Professional-->MsiExec.exe /I{91110409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Movie Outline 3.0-->"D:\Program Files\Movie Outline 3.0\unins000.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Network Play System (Patching)-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}
OLYMPUS Master 2-->MsiExec.exe /X{0815D55A-5EFF-4E1B-8C04-7035E914D90D}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
SiteHound for Internet Explorer 2.0.0-->D:\Program Files\FireTrust\SiteHound\uninstie.exe
Sony Ericsson PC Suite-->MsiExec.exe /I{52809086-618D-4F0B-8BF1-B75A5BB817A4}
SoulSeek Client 156c-->"F:\Program Files\Soulseek\uninstall.exe"
Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.2-->"D:\Program Files\SpywareBlaster\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
The Sims Makin' Magic-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}\setup.exe" -l0009
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinPatrol 2009-->D:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xiph QuickTime Components-->"D:\Program Files\QuickTime\QTComponents\XiphQTuninstall.exe"
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Hosts File======

127.0.0.1 localhost
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
127.0.0.1 phpadsnew.abac.com
127.0.0.1 a.abnad.net
127.0.0.1 b.abnad.net
127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
127.0.0.1 d.abnad.net

======Security center information======

AV: AVG Anti-Virus Free
FW: ZoneAlarm Firewall

======System event log======

Computer Name: DANIEL
Event Code: 54
Message:
Record Number: 148727
Source Name: AvgTdiX
Time Written: 20090613215917.000000+600
Event Type: warning
User:

Computer Name: DANIEL
Event Code: 54
Message:
Record Number: 148726
Source Name: AvgTdiX
Time Written: 20090613215917.000000+600
Event Type: warning
User:

Computer Name: DANIEL
Event Code: 54
Message:
Record Number: 148725
Source Name: AvgTdiX
Time Written: 20090613215917.000000+600
Event Type: warning
User:

Computer Name: DANIEL
Event Code: 54
Message:
Record Number: 148724
Source Name: AvgTdiX
Time Written: 20090613215917.000000+600
Event Type: warning
User:

Computer Name: DANIEL
Event Code: 54
Message:
Record Number: 148723
Source Name: AvgTdiX
Time Written: 20090613215917.000000+600
Event Type: warning
User:

=====Application event log=====

Computer Name: DANIEL
Event Code: 20
Message:
Record Number: 1482
Source Name: Google Update
Time Written: 20090115084945.000000+660
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: DANIEL
Event Code: 20
Message:
Record Number: 1474
Source Name: Google Update
Time Written: 20090114225317.000000+660
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: DANIEL
Event Code: 20
Message:
Record Number: 1473
Source Name: Google Update
Time Written: 20090114215319.000000+660
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: DANIEL
Event Code: 20
Message:
Record Number: 1472
Source Name: Google Update
Time Written: 20090114205317.000000+660
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: DANIEL
Event Code: 20
Message:
Record Number: 1471
Source Name: Google Update
Time Written: 20090114195318.000000+660
Event Type: error
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Teleca Shared;F:\Program Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEFAULT_CA_NR"=CA6
"tvdumpflags"=8
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 27th, 2009, 6:07 am

MGADIAG log:

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{0E6B3B1E-F1C4-4C32-A286-A650D0CFDEC8}</UGUID><Version>1.9.0011.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-PJYDD</PKey><PID>76477-OEM-2159731-43257</PID><PIDType>3</PIDType><SID>S-1-5-21-1606980848-1417001333-682003330</SID><SYSTEM><Manufacturer>INTEL_</Manufacturer><Model>D865GVHZ</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>BF86510A.86A.0069.P21.0409290100</Version><SMBIOSVersion major="2" minor="3"/><Date>20040929000000.000000+000</Date></BIOS><HWID>C78839E701848053</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>AUS Eastern Standard Time(GMT+10:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.105.35"/><File Name="OGAAddin.dll" Version="1.7.105.35"/><File Name="OGAVerify.exe" Version="1.7.105.35"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office XP Professional</Name><Ver>10</Ver><Val>68501C46C61A710</Val><Hash>23+C7qgaz7ZxzqBjEyz8XGRYBXA=</Hash><Pid>54186-OEM-1790911-69544</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="10" Result="100"/><App Id="16" Version="10" Result="100"/><App Id="18" Version="10" Result="100"/><App Id="1A" Version="10" Result="100"/><App Id="1B" Version="10" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A807:GENUINE C&C INC
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby muppy03 » July 27th, 2009, 6:26 am

Hi Danny,

The first half of the WGA diagnostic report is missing, could you please post the whole log.

Thanks :flower:
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4782
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Infections, Infections, Infections...

Unread postby DannySteel » July 27th, 2009, 8:20 pm

Hey muppy03, I apologise, here is the complete log:

Diagnostic Report (1.9.0011.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0

Cached Validation Code: N/A
Windows Product Key: *****-*****-QRD4H-26499-PJYDD
Windows Product Key Hash: 3rpsQgrl+zoPAQtSthXP7QvILFw=
Windows Product ID: 76477-OEM-2159731-43257
Windows Product ID Type: 3
Windows License Type: OEM System Builder
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {0E6B3B1E-F1C4-4C32-A286-A650D0CFDEC8}(3)
Is Admin: Yes
TestCab: 0x0
WGA Version: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

WgaER Data-->
ThreatID(s): N/A
Version: N/A

WGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: 1.7.105.35
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: 100
Version: 1.7.105.35
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office XP Professional - 100 Genuine
OGA Version: Registered, 1.7.105.35
Signed By: Microsoft
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{0E6B3B1E-F1C4-4C32-A286-A650D0CFDEC8}</UGUID><Version>1.9.0011.0</Version><OS>5.1.2600.2.00010300.3.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-PJYDD</PKey><PID>76477-OEM-2159731-43257</PID><PIDType>3</PIDType><SID>S-1-5-21-1606980848-1417001333-682003330</SID><SYSTEM><Manufacturer>INTEL_</Manufacturer><Model>D865GVHZ</Model></SYSTEM><BIOS><Manufacturer>Intel Corp.</Manufacturer><Version>BF86510A.86A.0069.P21.0409290100</Version><SMBIOSVersion major="2" minor="3"/><Date>20040929000000.000000+000</Date></BIOS><HWID>C78839E701848053</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>AUS Eastern Standard Time(GMT+10:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.105.35"/><File Name="OGAAddin.dll" Version="1.7.105.35"/><File Name="OGAVerify.exe" Version="1.7.105.35"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0050048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office XP Professional</Name><Ver>10</Ver><Val>68501C46C61A710</Val><Hash>23+C7qgaz7ZxzqBjEyz8XGRYBXA=</Hash><Pid>54186-OEM-1790911-69544</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="10" Result="100"/><App Id="16" Version="10" Result="100"/><App Id="18" Version="10" Result="100"/><App Id="1A" Version="10" Result="100"/><App Id="1B" Version="10" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A807:GENUINE C&C INC
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
DannySteel
Regular Member
 
Posts: 20
Joined: July 25th, 2009, 3:31 am

Re: Infections, Infections, Infections...

Unread postby muppy03 » July 28th, 2009, 4:35 am

Hi Danny,

Ok, Firstly RSIT log looks good. Is your only problem the Itunes files?

It seems to be an AVG problem their last update was creating false positives, they have hopefully corrected this problem. I would like you to open AVG, and click on "update now". Lets try that first, may save a heap of problems.

Let me know the outcome. :flower:
User avatar
muppy03
MRU Emeritus
MRU Emeritus
 
Posts: 4782
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Infections, Infections, Infections...

Unread postby markkhunt » August 1st, 2009, 11:52 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
markkhunt
Admin/Teacher Emeritus
 
Posts: 7911
Joined: April 15th, 2005, 8:58 pm
Location: Newburgh, IN
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware