Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Various Issues

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Various Issues

Unread postby Christopher » June 9th, 2010, 4:55 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:38:20 PM, on 6/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.houghton.edu/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 127.0.1.1 www.avp.com
O1 - Hosts: 127.0.1.1 avp.com
O1 - Hosts: 127.0.1.1 www.nod32-es.com
O1 - Hosts: 127.0.1.1 nod32-es.com
O1 - Hosts: 127.0.1.1 www.eset.com
O1 - Hosts: 127.0.1.1 eset.com
O1 - Hosts: 127.0.1.1 www.nod32-a.com
O1 - Hosts: 127.0.1.1 nod32-a.com
O1 - Hosts: 127.0.1.1 u20.eset.com
O1 - Hosts: 127.0.1.1 u21.eset.com
O1 - Hosts: 127.0.1.1 u22.eset.com
O1 - Hosts: 127.0.1.1 u23.eset.com
O1 - Hosts: 127.0.1.1 u24.eset.com
O1 - Hosts: 127.0.1.1 u25.eset.com
O1 - Hosts: 127.0.1.1 u26.eset.com
O1 - Hosts: 127.0.1.1 u27.eset.com
O1 - Hosts: 127.0.1.1 u28.eset.com
O1 - Hosts: 127.0.1.1 u29.eset.com
O1 - Hosts: 127.0.1.1 u30.eset.com
O1 - Hosts: 127.0.1.1 u31.eset.com
O1 - Hosts: 127.0.1.1 u32.eset.com
O1 - Hosts: 127.0.1.1 u33.eset.com
O1 - Hosts: 127.0.1.1 u34.eset.com
O1 - Hosts: 127.0.1.1 u35.eset.com
O1 - Hosts: 127.0.1.1 u36.eset.com
O1 - Hosts: 127.0.1.1 u37.eset.com
O1 - Hosts: 127.0.1.1 u38.eset.com
O1 - Hosts: 127.0.1.1 u39.eset.com
O1 - Hosts: 127.0.1.1 u40.eset.com
O1 - Hosts: 127.0.1.1 u41.eset.com
O1 - Hosts: 127.0.1.1 u42.eset.com
O1 - Hosts: 127.0.1.1 u43.eset.com
O1 - Hosts: 127.0.1.1 u44.eset.com
O1 - Hosts: 127.0.1.1 u45.eset.com
O1 - Hosts: 127.0.1.1 u46.eset.com
O1 - Hosts: 127.0.1.1 u47.eset.com
O1 - Hosts: 127.0.1.1 u48.eset.com
O1 - Hosts: 127.0.1.1 u49.eset.com
O1 - Hosts: 127.0.1.1 u50.eset.com
O1 - Hosts: 127.0.1.1 89.202.157.135
O1 - Hosts: 127.0.1.1 89.202.157.136
O1 - Hosts: 127.0.1.1 89.202.157.137
O1 - Hosts: 127.0.1.1 89.202.157.138
O1 - Hosts: 127.0.1.1 89.202.157.139
O1 - Hosts: 127.0.1.1 www.kaspersky.com
O1 - Hosts: 127.0.1.1 www.kaspersky.com.mx
O1 - Hosts: 127.0.1.1 latam.kaspersky.com
O1 - Hosts: 127.0.1.1 usa.kaspersky.com
O1 - Hosts: 127.0.1.1 kaspersky.com
O1 - Hosts: 127.0.1.1 support.kaspersky.com
O1 - Hosts: 127.0.1.1 kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads1.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads2.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads3.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads4.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads5.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads6.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads7.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads8.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 downloads9.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us1.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us2.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us3.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us4.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us5.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us6.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us7.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us8.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us9.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us10.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us11.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us12.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us13.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us14.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 dnl-us15.kaspersky-labs.com
O1 - Hosts: 127.0.1.1 my-etrust.com
O1 - Hosts: 127.0.1.1 www.my-etrust.com
O1 - Hosts: 127.0.1.1 www.bitdefender.es
O1 - Hosts: 127.0.1.1 bitdefender.es
O1 - Hosts: 127.0.1.1 www.bitdefender.com
O1 - Hosts: 127.0.1.1 bitdefender.com
O1 - Hosts: 127.0.1.1 secure.nai.com
O1 - Hosts: 127.0.1.1 nai.com
O1 - Hosts: 127.0.1.1 www.nai.com
O1 - Hosts: 127.0.1.1 vil.nai.com
O1 - Hosts: 127.0.1.1 pctools.com
O1 - Hosts: 127.0.1.1 www.pctools.com
O1 - Hosts: 127.0.1.1 update.symantec.com
O1 - Hosts: 127.0.1.1 updates.symantec.com
O1 - Hosts: 127.0.1.1 liveupdate.symantec.com
O1 - Hosts: 127.0.1.1 customer.symantec.com
O1 - Hosts: 127.0.1.1 symantec.com
O1 - Hosts: 127.0.1.1 www.symantec.com
O1 - Hosts: 127.0.1.1 security.symantec.com
O1 - Hosts: 127.0.1.1 shop.symantecstore.com
O1 - Hosts: 127.0.1.1 symantec.com
O1 - Hosts: 127.0.1.1 securityresponse.symantec.com
O1 - Hosts: 127.0.1.1 liveupdate.symantecliveupdate.com
O1 - Hosts: 127.0.1.1 service1.symantec.com
O1 - Hosts: 127.0.1.1 ftp.symantec.com
O1 - Hosts: 127.0.1.1 rads.mcafee.com
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.apple.com.edgesuite.net ... taller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 8944743840
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7887007778
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = houghton.edu
O17 - HKLM\Software\..\Telephony: DomainName = houghton.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = houghton.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = houghton.edu
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program files\lenovo\system update\suservice.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

--
End of file - 15726 bytes

=========================================================

Uninstall List

Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AviSynth 2.5
Bonjour
calibre
Catalyst Control Center - Branding
ccc-Branding
CCleaner (remove only)
DVD Decrypter (Remove Only)
GTK+ Runtime 2.14.7 rev a (remove only)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB969084)
Hotfix for Windows XP (KB979306)
ImgBurn
InterVideo WinDVD
iTunes
Java(TM) 6 Update 13
LiveUpdate 3.1 (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
OGA Notifier 2.0.0048.0
Orbit Downloader
PaltalkScene
PokerStars
Productivity Center Supplement for ThinkPad
QuickTime
Rescue and Recovery Critical Patch for Windows Update (KB917422)
Scid 4.2.2
Scroll Lock Indicator Utility
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB980470)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Sonic Express Labeler
Sonic RecordNow!
Sonic Update Manager
SoundMAX
Steam
Symantec AntiVirus
System Update
ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter
ThinkPad Configuration
ThinkPad EasyEject Utility
ThinkPad FullScreen Magnifier
ThinkPad Integrated 56K Modem
ThinkPad Keyboard Customizer Utility
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad Presentation Director
ThinkPad SATA Power Management Driver
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkPad UltraNav Wizard
ThinkVantage Access Connections
ThinkVantage Active Protection System
ThinkVantage Productivity Center
TrackPoint Accessibility Features
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Windows (KB971513)
Update for Outlook 2007 Junk Email Filter (kb981433)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB955759)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Videora iPod Converter 5.04
VitalSource Bookshelf
VLC media player 1.0.5
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
WinRAR archiver
Xvid 1.2.2 final uninstall

===================================

Issues: My computer is slow, facebook redirects to 'http://busca-google.com' (which looks to be some sort of Spanish version of Google, albeit weird and different), and just general ick.

I recently had BitComet installed and did some (genuinely legal) downloading, more to experiment with torrenting and its advantages/disadvantages. Did a MalwareBytes check and found 499 infections.

So, essentially, I've managed to f*** up my computer. I'm looking to get it squeaky clean, but also fit; it is a bit bloated with unnecessary programs and additions. This is a school computer, and they had a lot of extra stuff added on to it. I know its not your area, but if you have any recommendations for things I can remove without issue (such as, for example, some of the ThinkPad stuff), I'd greatly appreciate the advice.

But mainly, I just want to get this thing disease-free. I don't feel at all comfortable doing financial things on it.

Extra information is, of course, available on request.
Christopher
Active Member
 
Posts: 5
Joined: June 9th, 2010, 4:31 pm
Advertisement
Register to Remove

Re: Various Issues

Unread postby xixo_12 » June 11th, 2010, 9:43 pm

Hello and Welcome to Anti-Malware Forums.Image
Introduction and rules :
  • I'm xixo_12 and really glad to help you.
  • You're advised to refrain running any self fixes until I give the "All Clean Speech"
  • Instruction in this topic is special create for current problem and don't apply those on another system.
  • You're advised to ask for any uncertainty.
  • If you are receiving help or have received help on this problem elsewhere, please let us know.

Please make sure you have done your reading on this topic : How to get help at this forum
Please! If you need more time to do all the instructions, let me know before 72hours is done. Otherwise, your thread will be closed

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Now, we will start the collaboration.
Do keep in mind, removing malware is one of hazardous undertaking. I'm ready to share what I have learn through years in removing malware but I'm also fallible.
You're advised to back up all the important data before we start.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

First,
Discussion
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = houghton.edu
O17 - HKLM\Software\..\Telephony: DomainName = houghton.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = houghton.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = houghton.edu

I want to hear your explanation on the above quote. This computer belong to houghton?

What you need to post
Checklist.
  • Respond to our discussion
User avatar
xixo_12
MRU Master Emeritus
 
Posts: 2340
Joined: October 14th, 2008, 11:40 am
Location: Malaysia

Re: Various Issues

Unread postby Christopher » June 12th, 2010, 12:54 am

I went to a school called Houghton College. I got this computer through the school, and they calibrated it for their system. The 'houghton.edu' part of the computer is fine and not malware. The computer belongs to me.

Thanks for the help, btw!
Christopher
Active Member
 
Posts: 5
Joined: June 9th, 2010, 4:31 pm

Re: Various Issues

Unread postby xixo_12 » June 12th, 2010, 2:58 am

Hi,
Thank you for clarification.
Since it have relation with your college, I suggest you take this machine to college's IT department or go to any shop that have respective towards this job.

I don't want to deal with any sensitive information or change anything related with setting that have been setup by your college.

I will ask this topic to be close.

Thanks!
User avatar
xixo_12
MRU Master Emeritus
 
Posts: 2340
Joined: October 14th, 2008, 11:40 am
Location: Malaysia

Re: Various Issues

Unread postby Christopher » June 12th, 2010, 3:16 am

No; I'm graduated. They don't have anything to do with this laptop anymore. I'm seven hours away from the college, and even if I were there, the helpdesk wouldn't help me. The computer is entirely mine, and my responsibility.
Christopher
Active Member
 
Posts: 5
Joined: June 9th, 2010, 4:31 pm

Re: Various Issues

Unread postby xixo_12 » June 12th, 2010, 7:43 am

Hi,
Try to run this.

First,
MGADiag.
Please download from HERE and save to the desktop.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in. Save this file MGADiag.txt and post it in your next reply.

Next,
CKScanner.
Please download from HERE and save to the desktop.
  • Double click on CKScanner.exe to run it and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

What you need to post
Checklist.
  • Content of MGADiag.txt
  • Content of CKFiles.txt
User avatar
xixo_12
MRU Master Emeritus
 
Posts: 2340
Joined: October 14th, 2008, 11:40 am
Location: Malaysia

Re: Various Issues

Unread postby Christopher » June 12th, 2010, 6:13 pm

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-9F8V3-3VYK6-G3HWM
Windows Product Key Hash: ivn4SeCC65BMqeWLmEzPmeFWkoI=
Windows Product ID: 76487-640-2243325-23321
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {3F481EC0-D418-423D-A08E-E8A58B662A53}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Documents and Settings\christopher.berman10\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{3F481EC0-D418-423D-A08E-E8A58B662A53}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-G3HWM</PKey><PID>76487-640-2243325-23321</PID><PIDType>1</PIDType><SID>S-1-5-21-597839278-755170946-728528838</SID><SYSTEM><Manufacturer>IBM</Manufacturer><Model>1850A18</Model></SYSTEM><BIOS><Manufacturer>IBM</Manufacturer><Version>76ET68WW (1.28 )</Version><SMBIOSVersion major="2" minor="33"/><Date>20061115000000.000000+000</Date></BIOS><HWID>68053A07018400E2</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>1</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>6CB17A994AC2586</Val><Hash>cooKrRatsA/Y4OTkS6RL9iCM9cA=</Hash><Pid>89388-707-1284231-65790</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 14058:IBM|14113:Lenovo
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A

========================

CK

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----
Christopher
Active Member
 
Posts: 5
Joined: June 9th, 2010, 4:31 pm

Re: Various Issues

Unread postby xixo_12 » June 12th, 2010, 7:06 pm

Hi,
Let's proceed

First,
Remove programs.
Please Click on Start > Control Panel > Add/Remove Programs
Remove the listed program(s) by clicking Remove
PokerStars

If some programs listed above are not in present, please do not panic and proceed to the next step.

Next,
Fix entries.
  • Run the HiJack This.
  • Click on Do a system scan only button.
  • Search the entries as below and tick at the small box.
    O1 - Hosts: 127.0.1.1 http://www.avp.com
    O1 - Hosts: 127.0.1.1 avp.com
    O1 - Hosts: 127.0.1.1 http://www.nod32-es.com
    O1 - Hosts: 127.0.1.1 nod32-es.com
    O1 - Hosts: 127.0.1.1 http://www.eset.com
    O1 - Hosts: 127.0.1.1 eset.com
    O1 - Hosts: 127.0.1.1 http://www.nod32-a.com
    O1 - Hosts: 127.0.1.1 nod32-a.com
    O1 - Hosts: 127.0.1.1 u20.eset.com
    O1 - Hosts: 127.0.1.1 u21.eset.com
    O1 - Hosts: 127.0.1.1 u22.eset.com
    O1 - Hosts: 127.0.1.1 u23.eset.com
    O1 - Hosts: 127.0.1.1 u24.eset.com
    O1 - Hosts: 127.0.1.1 u25.eset.com
    O1 - Hosts: 127.0.1.1 u26.eset.com
    O1 - Hosts: 127.0.1.1 u27.eset.com
    O1 - Hosts: 127.0.1.1 u28.eset.com
    O1 - Hosts: 127.0.1.1 u29.eset.com
    O1 - Hosts: 127.0.1.1 u30.eset.com
    O1 - Hosts: 127.0.1.1 u31.eset.com
    O1 - Hosts: 127.0.1.1 u32.eset.com
    O1 - Hosts: 127.0.1.1 u33.eset.com
    O1 - Hosts: 127.0.1.1 u34.eset.com
    O1 - Hosts: 127.0.1.1 u35.eset.com
    O1 - Hosts: 127.0.1.1 u36.eset.com
    O1 - Hosts: 127.0.1.1 u37.eset.com
    O1 - Hosts: 127.0.1.1 u38.eset.com
    O1 - Hosts: 127.0.1.1 u39.eset.com
    O1 - Hosts: 127.0.1.1 u40.eset.com
    O1 - Hosts: 127.0.1.1 u41.eset.com
    O1 - Hosts: 127.0.1.1 u42.eset.com
    O1 - Hosts: 127.0.1.1 u43.eset.com
    O1 - Hosts: 127.0.1.1 u44.eset.com
    O1 - Hosts: 127.0.1.1 u45.eset.com
    O1 - Hosts: 127.0.1.1 u46.eset.com
    O1 - Hosts: 127.0.1.1 u47.eset.com
    O1 - Hosts: 127.0.1.1 u48.eset.com
    O1 - Hosts: 127.0.1.1 u49.eset.com
    O1 - Hosts: 127.0.1.1 u50.eset.com
    O1 - Hosts: 127.0.1.1 89.202.157.135
    O1 - Hosts: 127.0.1.1 89.202.157.136
    O1 - Hosts: 127.0.1.1 89.202.157.137
    O1 - Hosts: 127.0.1.1 89.202.157.138
    O1 - Hosts: 127.0.1.1 89.202.157.139
    O1 - Hosts: 127.0.1.1 http://www.kaspersky.com
    O1 - Hosts: 127.0.1.1 http://www.kaspersky.com.mx
    O1 - Hosts: 127.0.1.1 latam.kaspersky.com
    O1 - Hosts: 127.0.1.1 usa.kaspersky.com
    O1 - Hosts: 127.0.1.1 kaspersky.com
    O1 - Hosts: 127.0.1.1 support.kaspersky.com
    O1 - Hosts: 127.0.1.1 kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads1.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads2.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads3.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads4.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads5.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads6.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads7.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads8.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 downloads9.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us1.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us2.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us3.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us4.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us5.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us6.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us7.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us8.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us9.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us10.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us11.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us12.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us13.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us14.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 dnl-us15.kaspersky-labs.com
    O1 - Hosts: 127.0.1.1 my-etrust.com
    O1 - Hosts: 127.0.1.1 http://www.my-etrust.com
    O1 - Hosts: 127.0.1.1 http://www.bitdefender.es
    O1 - Hosts: 127.0.1.1 bitdefender.es
    O1 - Hosts: 127.0.1.1 http://www.bitdefender.com
    O1 - Hosts: 127.0.1.1 bitdefender.com
    O1 - Hosts: 127.0.1.1 secure.nai.com
    O1 - Hosts: 127.0.1.1 nai.com
    O1 - Hosts: 127.0.1.1 http://www.nai.com
    O1 - Hosts: 127.0.1.1 vil.nai.com
    O1 - Hosts: 127.0.1.1 pctools.com
    O1 - Hosts: 127.0.1.1 http://www.pctools.com
    O1 - Hosts: 127.0.1.1 update.symantec.com
    O1 - Hosts: 127.0.1.1 updates.symantec.com
    O1 - Hosts: 127.0.1.1 liveupdate.symantec.com
    O1 - Hosts: 127.0.1.1 customer.symantec.com
    O1 - Hosts: 127.0.1.1 symantec.com
    O1 - Hosts: 127.0.1.1 http://www.symantec.com
    O1 - Hosts: 127.0.1.1 security.symantec.com
    O1 - Hosts: 127.0.1.1 shop.symantecstore.com
    O1 - Hosts: 127.0.1.1 symantec.com
    O1 - Hosts: 127.0.1.1 securityresponse.symantec.com
    O1 - Hosts: 127.0.1.1 liveupdate.symantecliveupdate.com
    O1 - Hosts: 127.0.1.1 service1.symantec.com
    O1 - Hosts: 127.0.1.1 ftp.symantec.com
    O1 - Hosts: 127.0.1.1 rads.mcafee.com
  • Close any other program and leave HiJackThis program alone.
  • Click Fix checked.

Next,
ATF by Atribune
Please download HERE and save to the desktop. Double-click ATF Cleaner.exe to open it.
Under Main choose:
    choose: Select All
    Click the Empty Selected button.
if you use Firefox:
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
if you use Opera:
    Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program

Next,
Malwarebytes' Anti-Malware - Run
  • Double-click Malwarebytes' Anti-Malware to run the program.
  • Click on Update tab > Check for Updates.
  • Once done, click on Scanner tab, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
    Image
  • Refer to above image and then click Remove Selected to proceed.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.


What you need to post
Checklist.
  • Content of MBAM log
User avatar
xixo_12
MRU Master Emeritus
 
Posts: 2340
Joined: October 14th, 2008, 11:40 am
Location: Malaysia

Re: Various Issues

Unread postby Christopher » June 13th, 2010, 1:12 am

I already rand Malwarebytes a few days ago. I'll post the first log, then the second. The second log is most recent.

============================

First

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4184

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

6/9/2010 4:11:32 PM
mbam-log-2010-06-09 (16-11-32).txt

Scan type: Full scan (C:\|)
Objects scanned: 192789
Time elapsed: 55 minute(s), 52 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 496

Memory Processes Infected:
C:\WINDOWS\system32\updmngr.exe (Trojan.Banload) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Banload) -> Data: c:\windows\system32\updmngr.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Banload) -> Data: system32\updmngr.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\updmngr.exe (Trojan.Banload) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\005.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\006.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\008.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\009.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\010.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\011.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\012.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\015.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\016.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\018.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\024.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\028.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\033.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\037.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\038.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\043.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\045.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\047.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\048.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\050.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\886.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\889.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\890.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\891.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\893.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\899.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\900.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\901.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\903.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\904.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\905.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\908.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\910.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\912.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\913.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\914.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\916.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\917.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\918.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\922.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\924.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\925.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\930.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\931.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\935.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\939.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\940.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\943.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\944.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\945.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\946.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\948.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\949.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\952.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\953.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\954.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\955.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\450.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\451.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\452.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\459.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\461.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\464.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\466.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\470.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\472.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\475.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\477.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\478.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\479.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\481.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\482.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\483.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\486.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\487.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\488.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\489.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\492.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\493.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\494.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\495.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\498.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\499.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\196.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\197.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\198.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\200.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\202.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\205.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\209.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\210.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\212.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\213.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\214.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\215.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\216.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\219.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\220.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\221.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\222.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\223.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\224.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\227.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\693.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\696.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\698.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\699.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\701.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\702.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\703.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\705.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\706.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\708.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\709.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\710.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\711.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\713.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\717.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\718.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\719.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\722.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\728.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\729.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\731.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\051.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\103.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\151.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\194.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\228.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\263.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\335.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\389.exe (Trojan.Banload) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\448.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\503.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\564.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\692.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\773.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\829.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\878.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\957.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\998.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\336.exe (Trojan.Banload) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\338.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\340.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\341.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\342.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\344.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\345.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\346.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\349.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\350.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\354.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\355.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\357.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\358.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\364.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\366.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\369.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\371.exe (Trojan.Banload) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\372.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\374.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\375.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\376.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\378.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\380.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\382.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\385.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\386.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\388.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\565.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\566.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\570.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\575.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\576.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\577.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\578.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\581.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\582.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\583.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\586.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\587.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\589.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\593.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\594.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\600.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\602.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\603.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\606.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\607.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\608.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\609.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\611.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\613.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\615.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\616.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\621.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\622.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\623.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\105.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\106.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\108.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\109.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\110.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\111.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\112.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\115.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\116.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\118.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\119.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\120.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\122.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\123.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\125.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\126.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\129.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\131.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\135.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\136.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\137.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\141.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\143.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\144.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\145.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\146.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\150.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\774.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\776.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\778.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\781.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\784.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\785.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\787.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\795.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\798.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\799.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\804.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\805.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\807.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\809.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\810.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\816.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\817.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\819.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\823.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\826.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\827.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\828.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\265.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\271.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\272.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\273.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\277.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\280.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\281.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\283.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\284.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\286.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\287.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\288.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\290.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\292.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\293.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\297.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\298.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\299.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\302.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\303.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\305.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\306.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\309.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\311.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\312.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\313.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\316.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\317.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\323.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\325.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\330.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\958.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\963.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\964.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\967.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\971.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\973.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\975.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\976.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\977.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\978.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\979.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\981.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\982.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\984.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\986.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\987.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\988.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\989.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\991.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\992.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\993.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\996.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\997.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\627.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\630.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\633.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\634.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\635.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\638.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\639.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\643.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\644.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\646.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\648.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\651.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\653.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\655.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\659.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\661.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\662.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\663.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\664.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\667.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\671.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\672.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\674.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\675.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\678.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\679.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\681.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\682.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\686.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\390.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\393.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\395.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\398.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\400.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\404.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\405.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\406.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\408.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\410.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\411.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\414.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\415.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\417.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\418.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\420.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\423.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\424.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\425.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\426.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\430.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\433.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\434.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\435.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\437.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\438.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\440.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\442.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\444.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\446.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\052.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\054.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\056.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\058.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\061.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\062.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\064.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\065.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\068.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\072.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\074.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\075.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\076.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\079.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\081.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\082.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\083.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\086.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\087.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\090.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\094.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\095.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\096.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\097.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\098.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\099.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\100.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\506.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\507.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\508.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\513.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\515.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\516.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\517.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\519.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\520.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\522.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\526.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\529.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\531.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\532.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\533.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\538.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\546.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\547.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\552.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\554.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\557.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\560.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\561.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\152.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\153.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\154.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\155.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\157.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\158.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\159.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\160.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\161.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\163.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\169.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\172.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\173.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\175.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\176.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\177.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\179.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\182.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\185.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\187.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\191.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\192.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\831.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\833.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\835.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\837.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\842.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\847.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\848.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\849.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\850.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\852.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\857.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\859.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\861.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\863.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\865.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\866.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\867.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\870.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\875.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\877.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\739.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\740.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\742.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\743.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\747.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\748.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\750.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\752.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\755.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\756.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\758.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\759.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\760.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\761.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\762.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\765.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\768.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\770.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\229.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\230.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\231.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\232.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\233.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\236.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\237.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\238.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\243.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\246.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\247.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\248.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\249.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\250.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\252.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\254.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\255.exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temp\258.exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temporary Internet Files\Content.IE5\I90AJ8YW\far1[1].exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temporary Internet Files\Content.IE5\KC3SVIDT\probantiguo1[1].exe (Trojan.VirTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temporary Internet Files\Content.IE5\KC3SVIDT\limp[2].exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temporary Internet Files\Content.IE5\KC3SVIDT\far1[1].exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\Documents and Settings\christopher.berman10\Local Settings\Temporary Internet Files\Content.IE5\KC3SVIDT\far1[2].exe (Trojan.Qhost) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-4752188686-2884567812-575701520-2047\rndl.exe (Worm.Autorun.B) -> Delete on reboot.
C:\System Volume Information\_restore{FDD90152-6E7F-4635-ADEC-6EC2628A35DF}\RP16\A0003258.exe (Trojan.Banload) -> Quarantined and deleted successfully.

============================

Second

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4192

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

6/12/2010 11:17:37 PM
mbam-log-2010-06-12 (23-17-37).txt

Scan type: Full scan (C:\|)
Objects scanned: 192369
Time elapsed: 48 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Christopher
Active Member
 
Posts: 5
Joined: June 9th, 2010, 4:31 pm

Re: Various Issues

Unread postby xixo_12 » June 13th, 2010, 2:47 am

Hi,
Let's proceed.

First,
RSIT by random/random.
Please download from HERE and save to the desktop.
  • Double-click on RSIT.exe to run the tool.
  • Click Continue at the disclaimer screen.
  • Once it finishes, two logs will open.
    • log.txt will be opened maximized
    • info.txt will be opened minimized
  • Please post the contents of both logs in your next post.
***You can find manually the log at C:\rsit

Next,
GMER.
Please download from HERE and save to the desktop.
  • Unzip/extract the file to its own folder.
  • Disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan,click NO.
  • Click on >>> symbol and choose on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE"
Important! Please do not select the "Show all" checkbox during the scan..

What you need to post
Checklist.
  • Content of log.txt and info.txt (Find both in c:\rsit)
  • Content of GMER.txt
  • Please update new status of your system. Any other problems?
User avatar
xixo_12
MRU Master Emeritus
 
Posts: 2340
Joined: October 14th, 2008, 11:40 am
Location: Malaysia

Re: Various Issues

Unread postby NonSuch » June 17th, 2010, 12:54 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware