Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:31:10 AM, on 8/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AIM\AIM Pro\aimpro.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Ares\Ares.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\Gcc.exe
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\toshiba\ivp\swupdate\swupdtmr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
c:\program files\aim6\anotify.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.toshiba.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.toshiba.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.toshiba.com/
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [PadTouch] "C:\Program Files\TOSHIBA\PadTouch\PadExe.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~1\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IVPServiceMgr] C:\toshiba\ivp\ism\ivpsvmgr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [AIMPro] "C:\Program Files\AIM\AIM Pro\aimpro.exe"
O4 - HKLM\..\Run: [wosa] C:\DOCUME~1\amanda\LOCALS~1\Temp\woso.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{B2-23-31-13-ZN}] C:\windows\system32\nmdsregq.exe SKY009
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware
7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe
"C:\WINDOWS\system32\mnaqfuha.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program
Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US
ee://aol/imApp
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Yycb] C:\WINDOWS\??sks\n?tepad.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'Default user')
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program
Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Wireless-G Notebook Adapter.lnk = C:\Program
Files\Linksys\Wireless-G Notebook Adapter\Gcc.exe
O8 - Extra context menu item: &Search -
http://edits.mywebsearch.com/toolbaredi ... xdm492LTUS
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -
C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
{85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan
Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE
Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo
Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
-
http://update.microsoft.com/windowsupda ... web_site.c
ab?1179874091531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
-
http://update.microsoft.com/microsoftup ... muweb_site.
cab?1179867341460
O22 - SharedTaskScheduler: za - {53B5F2B1-94DD-43E5-8187-EB4E31F00701} -
C:\WINDOWS\system32\l3acdb.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program
Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. -
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common
Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group -
C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION -
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DomainService - Unknown owner -
C:\WINDOWS\system32\nscpswwk.exe (file missing)
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. -
C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Net Agent - Unknown owner - C:\WINDOWS\dls0523pmw.exe (file
missing)
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program
Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -
Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Swupdtmr - Unknown owner - c:\toshiba\ivp\swupdate\swupdtmr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online,
Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\MSN Gaming
Zone\profsy.html
--
End of file - 10193 bytes
Thanks for any help
Don't know if this will be of any use but here is also the bitdefender online scon report
BitDefender Online Scanner
Scan report generated at: Sat, Aug 11, 2007 - 01:07:12
Scan path: C:\;D:\;
Statistics
Time
06:32:58
Files
968269
Folders
4054
Boot Sectors
2
Archives
7722
Packed Files
57049
Results
Identified Viruses
10
Infected Files
24
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
22
Engines Info
Virus Definitions
690717
Engine build
AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)
Scan plugins
14
Archive plugins
37
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\amanda\Local Settings\Temp\pnri.exe
Infected with: Trojan.Downloader.JIWP
C:\Documents and Settings\amanda\Local Settings\Temp\pnri.exe
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temp\pnri.exe
Deleted
C:\Documents and Settings\amanda\Local Settings\Temp\vvif4fx2.dll
Infected with: Packer.Malware.NSAnti.H
C:\Documents and Settings\amanda\Local Settings\Temp\vvif4fx2.dll
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temp\vvif4fx2.dll
Deleted
C:\Documents and Settings\amanda\Local Settings\Temp\woso1.dll
Infected with: Packer.Malware.NSAnti.H
C:\Documents and Settings\amanda\Local Settings\Temp\woso1.dll
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temp\woso1.dll
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\HCW71LK9\idien[1]
Infected with: Trojan.Fotomoto.A
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\HCW71LK9\idien[1]
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[1].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[1].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[1].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[2].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[2].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[2].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[3].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[3].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\functions.js[3].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[1].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[1].htm
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[2].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[2].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[2].htm
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[3].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[3].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\M57W18F2\popup[3].htm
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\functions.js[1].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\functions.js[1].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\functions.js[1].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\popup[1].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\OFNZ5YHA\popup[1].htm
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\QB8BFKQU\functions.js[1].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\QB8BFKQU\functions.js[1].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\QB8BFKQU\functions.js[1].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[1].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[1].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[1].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[2].php
Detected with: Application.JS.ForcePopup.I
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[2].php
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\functions.js[2].php
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\popup[1].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\SLQVG5IV\popup[1].htm
Deleted
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\WTIZ8DQF\popup[1].htm
Infected with: Trojan.Clicker.CM
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\WTIZ8DQF\popup[1].htm
Disinfection failed
C:\Documents and Settings\amanda\Local Settings\Temporary Internet Files\Content.IE5\WTIZ8DQF\popup[1].htm
Deleted
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP44\A0011424.DLL
Infected with: Trojan.Funweb.A
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP44\A0011424.DLL
Disinfection failed
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP44\A0011424.DLL
Deleted
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP92\A0017301.dll
Infected with: Trojan.Agent.ABHK
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP92\A0017301.dll
Disinfection failed
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP92\A0017301.dll
Deleted
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP93\A0017573.DLL
Detected with: Adware.Mywebsearch.G
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP93\A0017573.DLL
Disinfection failed
C:\System Volume Information\_restore{5808F9B6-96B5-4803-A039-47EB1E010CB7}\RP93\A0017573.DLL
Deleted
C:\WINDOWS\system32\ddcca.dll
Infected with: DeepScan:Generic.Virtumonde.1.FC5E40C1
C:\WINDOWS\system32\ddcca.dll
Disinfection failed
C:\WINDOWS\system32\ddcca.dll
Delete failed
C:\WINDOWS\system32\mljkkkj.dll
Detected with: Adware.Virtumonde.GFZ
C:\WINDOWS\system32\mljkkkj.dll
Disinfection failed
C:\WINDOWS\system32\mljkkkj.dll
Deleted
C:\WINDOWS\system32\opnllmj.dll
Detected with: Adware.Virtumonde.GFZ
C:\WINDOWS\system32\opnllmj.dll
Disinfection failed
C:\WINDOWS\system32\opnllmj.dll
Deleted
C:\WINDOWS\system32\rqrqpqp.dll
Detected with: Adware.Virtumonde.GFZ
C:\WINDOWS\system32\rqrqpqp.dll
Disinfection failed
C:\WINDOWS\system32\rqrqpqp.dll
Delete failed
Thanks for any help