HELP ME PLEASE!!* Malwarebytes (MBAM) * GMER * MBRCheck * DDS
-
HELP ME PLEASE!!* Malwarebytes (MBAM) * GMER * MBRCheck * DDS
MBAM LOG
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes
Database version: 5567
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
1/21/2011 7:51:28 PM
mbam-log-2011-01-21 (19-51-28).txt
Scan type: Quick scan
Objects scanned: 189313
Time elapsed: 10 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 67
Registry Values Infected: 8
Registry Data Items Infected: 1
Folders Infected: 26
Files Infected: 383
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{1C2E5D27-A17C-4D89-85DD-3553C189380D} (Adware.RABCO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{F501C2AB-834A-4B9D-A86B-A1EADA760B00} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{F501C2AB-834A-4B9D-A86B-A1EADA760B00} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverIn staller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverIn staller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\xInsiDERexe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\BO1jiZmwnF2zhi (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\W MPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlo ok\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\ Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Gold VIP Club Casino (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_NPI (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_NPII (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\NPI (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\npii (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\R oot\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\INSTALL.EXE (Adware.Casino) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44CF-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{F501C2AB-834A-4B9D-A86B-A1EADA760B00} (Trojan.Vundo) -> Value: {F501C2AB-834A-4B9D-A86B-A1EADA760B00} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44cf-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{F501C2AB-834A-4B9D-A86B-A1EADA760B00} (Trojan.Vundo) -> Value: {F501C2AB-834A-4B9D-A86B-A1EADA760B00} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\npii (Worm.KoobFace) -> Value: npii -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad\DrvBoot (Trojan.Clicker) -> Value: DrvBoot -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad\zip (Trojan.Clicker) -> Value: zip -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\documents and settings\administrator\application data\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\funwebproducts\Data\administrator (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\Rabio (Adware.Rabio) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\fonts (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\temp (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\installed (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\sounds (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\installed (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\JavaCore (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\temporary (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\dr6 (Adware.Rabio) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ech5 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\iDlo18 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\lows8 (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\typ2 (Trojan.Downloader) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\administrator\my documents\downloads\smileycentralpfsetup2.3.66.5.n osa.nohp.znfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\my documents\downloads\zwinkysetup2.3.50.57.zjfox000. exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\my documents\downloads\zwinkysetup2.3.64.1.zjfox000.e xe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\documents and settings\Me\local settings\Temp\iwingames\downloads\cache.dat (Trojan.Goldun) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\local settings\application data\010110154524997.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\local settings\application data\0535049569854.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\local settings\application data\05554525610056.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\local settings\application data\05748541005049.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\bm9c819e53.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\funwebproducts\Data\administrator\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\menu.txt (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\auslots.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\bj.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\casino.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\casino.ico (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\casino.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\directsound.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\gold vip club casino.ico (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\Install.exe (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\lbyinst.exe (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\lobby.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\marquee.txt (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\miniprocess.exe (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\msvcp60.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\msvcrt.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\plibc32.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\roulette.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\scratchcards.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\slots.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\winsound.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\zlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\fonts\albw.ttf (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\american roulette (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\american roulette.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - base slots (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - base slots.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - diamond dozen (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - diamond dozen.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\Lobby (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\Lobby.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\packages (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\roulette - common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\roulette - common.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\rtg slots - base slots (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\rtg slots - base slots.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\rtg slots - crazy vegas (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\rtg slots - crazy vegas.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - 5 diamond blackjack (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - 5 diamond blackjack.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - base scratch cards (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - iris 300 (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - iris 300.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - super diamond mine.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - three reel common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - three reel common.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\smartdownload (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\smartdownload.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - lucky 8s (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - lucky 8s.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - magic 7s (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - magic 7s.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - base (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - base.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - common.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - crazy dragon (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - crazy dragon.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - diamond mine (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - diamond mine.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - fame and fortune (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - warlocks spell.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\scratch cards - base scratch cards.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\slots - five reel common.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\blackjack - common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\blackjack - common.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\blackjack - standard (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\blackjack - standard.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\fonts - latin (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\fonts - latin.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - fame and fortune.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - funky monkey (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - funky monkey.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - golden retriever (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - golden retriever.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - jackpot pinatas (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - jackpot pinatas.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - medal tally (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - medal tally.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - mister money (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - mister money.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\installed\australian slots - warlocks spell (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\action_button.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\bj.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\blackjack32.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\card.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\cards32.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.bd1.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.chf.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.gbp.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.pen.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino32.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino32.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.bd1.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.chf.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.pen.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.chf.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.pen.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips32.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dgcommon.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-common.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-diamondd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\DM-fame.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-funkymonkey.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\DM-Medal.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-mistermoney.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-pinatas.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\dm-retriever.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\DM-witch.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\exit.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\history.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.bd1.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.chf.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.gbp.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.pen.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\iris.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\lobby.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\lobby.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\logos.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\options.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\rings.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\roulette.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\roulette.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\roulette.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\rtg-brandinglayers.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\rtg-brandinglayers.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\rtg-crazyvegas.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\sccommon.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\sc_5dm_bj.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\sc_lucky8.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\sc_msevens.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\casino.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\chips.gbp.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.bd1.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.gbp.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.pen.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slot.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slotcd.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slotdm.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\slots.en.st.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\table.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\table.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\tables32.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\rsc\tbslot.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\baccarat_youwin.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\blackjack.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\Bust.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn000.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn001.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn002.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn003.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn004.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cmn005.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_anticipation.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_button.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_complete.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_complete_2.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_icon.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_icon_2.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt159.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt162.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt163.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt164.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt165.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt166.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt167.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltdiamonddbluediamond.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltdiamondddelightloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltdiamonddfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltdiamonddwhitediamond.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltdiamonddwipe.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfameandfortunefreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfameandfortunesymbolglamourgirl.w av (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeatureapplause.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneyfeaturewin.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneyfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneysymboldiamondred.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneysymboldiamondwhite.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellfeaturedrop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellfeaturepick.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellfeaturewin.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellsymbolspellbook.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellsymbolwarlock.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltwarlocksspellsymbolwitch.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\Win.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt004.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt005.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt006.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt007.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt008.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt009.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt010.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt040.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt041.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt042.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt049.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt060.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt061.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt062.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt063.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt064.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt152.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt154.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt155.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt156.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt157.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_loop_2.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_spin.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_trigger.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_trigger_2.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reelstop0.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reelstop1.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reelstop2.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reelstop3.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reelstop4.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reel_crank.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_reel_loop.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_feature_loop.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_03.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_20.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_coin_scratch_mag7.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt003.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt158.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeaturebongointro.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverdoorsignclack1.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneyfeatureloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_win_large.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_win_med.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_win_reg.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_win_scatter.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\cvs_win_substitute.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_rand_jackpot.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_win_large.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\shoecardsound.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt000.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt001.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\slt002.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeaturebongoloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeatureguitarintro.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeatureguitarloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeaturekeyboardintro.w av (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfeaturekeyboardloop.wa v (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeyfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeysymbolbanana.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltfunkymonkeysymbolfunkymonkey.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverdigloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverdoorclose.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverdoorsignclack2.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverfeaturewin.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieverfreeloopstart.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieversymbolbone.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltgoldenretrieversymbolgoldenretrie ver.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasbullpinatasymbol.wa v (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasdonkeypinatasymbol. wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasfeaturehit.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasfeaturepick.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasfeaturewin.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltjackpotpinatasfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmedaltallyfreeloop.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmedaltallysymbolmedals.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\sltmistermoneyfeatureclick.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_04.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_05.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_06.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_07.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_08.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_09.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_10.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_11.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_12.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_13.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_14.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_15.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_16.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_17.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_18.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_19.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_21.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_22.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_23.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_24.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_25.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_26.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_27.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_28.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_29.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_30.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_31.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_32.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_33.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_34.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_35.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_36.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\insurance.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\playerwins.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\Push.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\rl001.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\rl002.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\rl003.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\rl004.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_card_tear.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_coin_scratch.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\scratch_coin_scratch_lucky8.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_00.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_01.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\sounds\handscore_02.ogg (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\package_list.ini (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\package_list.ini.crc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\installed\slots - five reel common (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.bd1.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.cny.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.eur.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.gbp.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.myr.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.php.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.usd.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\rsc\5reel.zar.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\sounds\slt019.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - five reel common\sounds\slt050.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\installed\slots - super diamond mine (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\rsc\superdm.en.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\rsc\superdm.rsc (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt023.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt091.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt092.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt093.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt094.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt095.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt096.wav (Adware.Casino) -> Quarantined and deleted successfully.
c:\program files\gold vip club casino\_patch\slots - super diamond mine\sounds\slt097.wav (Adware.Casino) -> Quarantined and deleted successfully.
GMER.LOG
GMER 1.0.15.15530 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-01-21 20:23:45
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdePort0 ST3400620A rev.3.AAE
Running: eo2dkxoi.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fwayrpod.sys
---- Kernel code sections - GMER 1.0.15 ----
? csrrybb.sys The system cannot find the file specified. !
.rsrc C:\WINDOWS\system32\drivers\intelide.sys entry point in ".rsrc" section [0xF7C74094]
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF662F360, 0x24BB1D, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\wuauclt.exe[2428] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0249000A
.text C:\WINDOWS\system32\wuauclt.exe[2428] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 024B000A
.text C:\WINDOWS\system32\wuauclt.exe[2428] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0248000C
.text C:\WINDOWS\System32\svchost.exe[2716] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A5000A
.text C:\WINDOWS\System32\svchost.exe[2716] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00A6000A
.text C:\WINDOWS\System32\svchost.exe[2716] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A4000C
.text C:\WINDOWS\System32\svchost.exe[2716] ole32.dll!CoCreateInstance 774FFAC3 5 Bytes JMP 00B2000A
.text C:\WINDOWS\explorer.exe[3072] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00F4000A
.text C:\WINDOWS\explorer.exe[3072] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00F5000A
.text C:\WINDOWS\explorer.exe[3072] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00F3000C
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 842E9AEA
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 842E9AEA
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP0T1L0-c 842E9AEA
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-18 842E9AEA
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T1L0-20 842E9AEA
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \Device\Ide\IdeDeviceP0T0L0-4 -> \??\IDE#DiskST3400620A____________________________ __3.AAE___#5&b1800df&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Classes\CLSID\{5958769B-DAAD-1459-D951-42822C139697}\InprocServer32@ C:\Program Files\support.com\bin\tglib.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{5958769B-DAAD-1459-D951-42822C139697}\InprocServer32@ThreadingModel Both
Reg HKLM\SOFTWARE\Classes\CLSID\{5958769B-DAAD-1459-D951-42822C139697}\ProgID@ Tglib.TgDiscovery.1
Reg HKLM\SOFTWARE\Classes\CLSID\{5958769B-DAAD-1459-D951-42822C139697}\TypeLib@ {01111001-3e00-11d2-8470-0060089874ed}
Reg HKLM\SOFTWARE\Classes\CLSID\{5958769B-DAAD-1459-D951-42822C139697}\VersionIndependentProgID@ Tglib.TgDiscovery
Reg HKLM\SOFTWARE\Classes\CLSID\{F13B38F2-4869-5605-2D00-E9E5E3AF0FA8}\InprocHandler32@ ole32.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{F13B38F2-4869-5605-2D00-E9E5E3AF0FA8}\InprocServer32@ C:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLDMO.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{F13B38F2-4869-5605-2D00-E9E5E3AF0FA8}\InprocServer32@ThreadingModel Both
Reg HKLM\SOFTWARE\Classes\CLSID\{F13B38F2-4869-5605-2D00-E9E5E3AF0FA8}\ProgID@ SQLDMO.View2.8.0
Reg HKLM\SOFTWARE\Classes\CLSID\{F13B38F2-4869-5605-2D00-E9E5E3AF0FA8}\VersionIndependentProgID@ SQLDMO.View2
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sectors 781422512 (+254): rootkit-like behavior;
---- Files - GMER 1.0.15 ----
File C:\WINDOWS\system32\drivers\intelide.sys suspicious modification; TDL3 <-- ROOTKIT !!!
---- EOF - GMER 1.0.15 ----
=================================================
MBR CHECK
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 2 (build 2600)
Logical Drives Mask: 0x0000003d
Kernel Drivers (total 143):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EC000 \WINDOWS\system32\hal.dll
0xF7C6F000 \WINDOWS\system32\KDCOM.DLL
0xF7B7F000 \WINDOWS\system32\BOOTVID.dll
0xF776F000 csrrybb.sys
0xF7720000 ACPI.sys
0xF7C71000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xF770F000 pci.sys
0xF777F000 isapnp.sys
0xF79EF000 \WINDOWS\System32\Drivers\PCIIDEX.SYS
0xF7C73000 intelide.sys
0xF778F000 MountMgr.sys
0xF76F0000 ftdisk.sys
0xF7C75000 dmload.sys
0xF76CA000 dmio.sys
0xF79F7000 PartMgr.sys
0xF779F000 VolSnap.sys
0xF76B4000 imagedrv.sys
0xF769C000 \WINDOWS\System32\DRIVERS\SCSIPORT.SYS
0xF7684000 atapi.sys
0xF77AF000 disk.sys
0xF77BF000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF7664000 fltmgr.sys
0xF7652000 sr.sys
0xF77CF000 PxHelp20.sys
0xF763B000 KSecDD.sys
0xF75AE000 Ntfs.sys
0xF7581000 NDIS.sys
0xF7566000 Mup.sys
0xF77DF000 agp440.sys
0xF783F000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xF662F000 \SystemRoot\System32\DRIVERS\nv4_mini.sys
0xF661B000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
0xF7B6F000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xF65F8000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xF7B77000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xF7A17000 \SystemRoot\System32\DRIVERS\RTL8139.SYS
0xF64B3000 \SystemRoot\system32\drivers\P16X.sys
0xF6490000 \SystemRoot\system32\drivers\ks.sys
0xF646C000 \SystemRoot\system32\drivers\portcls.sys
0xF786F000 \SystemRoot\system32\drivers\drmk.sys
0xF6440000 \SystemRoot\System32\DRIVERS\ctoss2k.sys
0xF6420000 \SystemRoot\System32\DRIVERS\ctsfm2k.sys
0xF7C53000 \SystemRoot\System32\DRIVERS\gameenum.sys
0xF7A1F000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF787F000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xF7A27000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xF7A3F000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xF788F000 \SystemRoot\System32\DRIVERS\serial.sys
0xF7C57000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF5DC9000 \SystemRoot\System32\DRIVERS\parport.sys
0xF6EB2000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF6EA2000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF7A77000 \SystemRoot\System32\Drivers\incdrm.SYS
0xF7A7F000 \SystemRoot\System32\DRIVERS\InCDPass.sys
0xF7A87000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
0xF6E92000 \SystemRoot\System32\DRIVERS\imapi.sys
0xF7A8F000 \SystemRoot\System32\DRIVERS\ManyCam.sys
0xF6E82000 \SystemRoot\System32\DRIVERS\STREAM.SYS
0xF7DC6000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF7CA3000 \SystemRoot\System32\Drivers\RootMdm.sys
0xF7AD7000 \SystemRoot\System32\Drivers\Modem.SYS
0xF793F000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xF6C90000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF4C6D000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF794F000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF795F000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xF7ADF000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF4C5C000 \SystemRoot\System32\DRIVERS\psched.sys
0xF796F000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xF7AE7000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xF7AEF000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF7AF7000 \SystemRoot\system32\DRIVERS\RimSerial.sys
0xF4C2B000 \SystemRoot\System32\DRIVERS\rdpdr.sys
0xF797F000 \SystemRoot\System32\DRIVERS\termdd.sys
0xF7CC1000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF4BAA000 \SystemRoot\System32\DRIVERS\update.sys
0xF7C37000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xF798F000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF799F000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xF7CC3000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xF1E7D000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xF7CEB000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7E49000 \SystemRoot\System32\Drivers\Null.SYS
0xF7CED000 \SystemRoot\System32\Drivers\Beep.SYS
0xF1E6D000 \SystemRoot\System32\drivers\vga.sys
0xF7CEF000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7CF1000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7CF3000 \SystemRoot\System32\Drivers\InCDrec.SYS
0xF1E01000 \SystemRoot\System32\Drivers\InCDfs.SYS
0xF1E65000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF1E5D000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF6CA4000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xF1DEE000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xF1D96000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xF1D7D000 \SystemRoot\System32\Drivers\avgtdix.sys
0xF1D55000 \SystemRoot\System32\DRIVERS\netbt.sys
0xF6C9C000 \SystemRoot\System32\drivers\ws2ifsl.sys
0xF1D33000 \SystemRoot\System32\drivers\afd.sys
0xF789F000 \SystemRoot\System32\DRIVERS\netbios.sys
0xF1D10000 \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
0xF1CE5000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xF1C76000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF78BF000 \SystemRoot\System32\Drivers\Fips.SYS
0xF1C55000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xF78CF000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xF1E4D000 \SystemRoot\System32\Drivers\avgmfx86.sys
0xF1C04000 \SystemRoot\System32\Drivers\avgldx86.sys
0xF7A47000 \SystemRoot\System32\DRIVERS\usbccgp.sys
0xF7519000 \SystemRoot\system32\DRIVERS\usb8023.sys
0xF7A4F000 \SystemRoot\system32\DRIVERS\RNDISMP.SYS
0xF3A82000 \SystemRoot\System32\DRIVERS\usbscan.sys
0xF7A57000 \SystemRoot\System32\DRIVERS\usbprint.sys
0xF7A5F000 \SystemRoot\System32\DRIVERS\HIDPARSE.SYS
0xF1BE1000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF3AA2000 \SystemRoot\System32\drivers\Dxapi.sys
0xF7B2F000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7E9A000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB9C82000 \SystemRoot\System32\DRIVERS\nwlnkipx.sys
0xF6A7F000 \SystemRoot\System32\DRIVERS\nwlnknb.sys
0xBA534000 \SystemRoot\System32\DRIVERS\packet.sys
0xBA52C000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xF351F000 \SystemRoot\System32\DRIVERS\nwlnkspx.sys
0xB9AF2000 \SystemRoot\System32\DRIVERS\nwrdr.sys
0xB9A9E000 \SystemRoot\System32\DRIVERS\mrxdav.sys
0xB9A89000 \SystemRoot\system32\drivers\wdmaud.sys
0xF2145000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7C87000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB9C12000 \??\C:\WINDOWS\System32\drivers\CdaD10BA.SYS
0xB9C1A000 \??\C:\WINDOWS\system32\drivers\PfModNT.sys
0xB9633000 \SystemRoot\System32\DRIVERS\srv.sys
0xB9356000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xF7AFF000 \??\C:\Program Files\GameTap\bin\Release\X4HSX32.Sys
0xF7A2F000 \SystemRoot\System32\DRIVERS\nwlnkfwd.sys
0xB910A000 \SystemRoot\System32\DRIVERS\nwlnkflt.sys
0xB8BCA000 \SystemRoot\System32\Drivers\HTTP.sys
0xB7F30000 \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fwayrpod.sy s
0xB7F05000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll
Processes (total 40):
0 System Idle Process
4 System
608 C:\WINDOWS\system32\smss.exe
684 csrss.exe
708 C:\WINDOWS\system32\winlogon.exe
756 C:\WINDOWS\system32\services.exe
768 C:\WINDOWS\system32\lsass.exe
928 C:\WINDOWS\system32\svchost.exe
996 svchost.exe
1172 C:\Program Files\Windows SteadyState\SCTSvc.exe
1836 svchost.exe
1956 svchost.exe
240 C:\WINDOWS\system32\LEXBCES.EXE
320 C:\WINDOWS\system32\spoolsv.exe
524 svchost.exe
1232 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
1344 C:\Program Files\Dell Network Assistant\hnm_svc.exe
1704 C:\WINDOWS\system32\inetsrv\inetinfo.exe
1728 C:\Program Files\Ahead\InCD\incdsrv.exe
1800 C:\Program Files\iWin Games\iWinGamesInstaller.exe
1892 C:\Program Files\Java\jre6\bin\jqs.exe
2000 C:\WINDOWS\system32\nvsvc32.exe
1040 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1076 C:\WINDOWS\system32\tcpsvcs.exe
1788 C:\WINDOWS\system32\snmp.exe
2052 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
2116 C:\Program Files\Spyware Terminator\sp_rsser.exe
2204 C:\WINDOWS\system32\svchost.exe
2764 C:\WINDOWS\system32\taskmgr.exe
3072 C:\WINDOWS\explorer.exe
3580 alg.exe
2716 C:\WINDOWS\system32\svchost.exe
3196 C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
3556 C:\Program Files\AVG\AVG8\avgrsx.exe
1524 C:\PROGRA~1\AVG\AVG8\avgnsx.exe
3712 C:\PROGRA~1\AVG\AVG8\avgemc.exe
1396 C:\Program Files\AVG\AVG8\avgcsrvx.exe
1132 C:\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe
3292 C:\Program Files\Mozilla Firefox 3.1 Beta 3\plugin-container.exe
3468 C:\Documents and Settings\Administrator\My Documents\Downloads\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (FAT32)
PhysicalDrive0 Model Number: ST3400620A, Rev: 3.AAE
PhysicalDrive1 Model Number: ST34313A, Rev: 3.23
Size Device Name MBR Status
--------------------------------------------
372 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: C9196B56D0C35AFD0BFCB8C191882ADFE0D35C92
4 GB \\.\PhysicalDrive1 Unknown MBR code
SHA1: 74A926263746B77560FDE95D54041BCE960062B1
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Done!
==============================
ATTACH.TXT
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/13/2007 5:05:41 AM
System Uptime: 1/21/2011 7:54:17 PM (1 hours ago)
Motherboard: Dell Computer Corp. | | 0M0321
Processor: Intel(R) Pentium(R) 4 CPU 2.53GHz | Microprocessor | 2524/533mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 128 GiB total, 81.968 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 2.546 GiB free.
E: is CDROM ()
F: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Description: USB Human Interface Device
Device ID: USB\VID_413C&PID_5103&MI_02\6&2D1A7D1F&0&0002
Manufacturer: (Standard system devices)
Name: USB Human Interface Device
PNP Device ID: USB\VID_413C&PID_5103&MI_02\6&2D1A7D1F&0&0002
Service: HidUsb
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_01421028&REV_81\4&3B1 CAF2B&0&40F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_01421028&REV_81\4&3B1 CAF2B&0&40F0
Service:
==== System Restore Points ===================
RP555: 10/27/2010 12:06:21 PM - System Checkpoint
RP556: 11/21/2010 2:42:32 PM - System Checkpoint
RP557: 11/23/2010 12:12:27 PM - System Checkpoint
RP558: 1/16/2011 9:48:11 PM - System Checkpoint
==== Installed Programs ======================
AAC Decoder
Ad-Aware 2007 Beta
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player 11
Advanced Video FX Engine
Ahead InCD
Ahead InCD EasyWrite Reader
Ahead Nero Burning ROM
Ahead NeroMIX
Ahead NeroVision Express
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoUpdate
AVG Free 8.5
Bazooka Scanner
Bejeweled 2 Deluxe
BlackBerry Desktop Software 5.0.1
BlackBerry® Media Sync
Build-a-lot 2: Town of the Year
Build-a-lot 3
Camfrog Video Chat 3.94 (remove only)
CCleaner
CCScore
Chicken Invaders 3 Xmas (remove only)
Comcast Access
Cooking Dash
Coupon Printer for Windows
Crawler Radio & MP3 Player
Crawler Toolbar with Web Security Guard
Creative CD Burner Drive Update
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam Manager
Creative Live! Cam Video IM Driver (1.01.01.00)
Creative Live! Cam Video IM User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Critical Update for Windows Media Player 11 (KB959772)
CueClub
Defraggler (remove only)
Dell AIO Printer A940
Dell Network Assistant
Dell Support 3.2.1
Dell Support Center
Dell Support Center (Support Software)
Digital Locker Assistant
Digital Make-up
Diner Dash
Diner Dash (remove only)
Diner Dash 2
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DNA
EasyBeadPatterns
eGames Collector's Edition Patch
eGames Master's Edition 151
Egg Vs. Chicken (remove only)
Eleven
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
ESSvpaht
ESSvpot
Facebook Plug-In
Farm Mania
Fashion Star (remove only)
filehippo.com Update Checker
FileSpecs plug-in for Ad-Aware SE
Fishing Special Edition
Flickr Uploadr 2.3
Flock 1.1
Form Fill (Windows Live Toolbar)
FreeFixer
FriendFinder Messenger v3.0
Galapago
Galaxy of Games 201
Games Add-in for Windows Live® Toolbar
GameTap
Gems 3D
Go-Go Gourmet (remove only)
Google Earth
H.264 Decoder
HijackThis 2.0.2
HLPIndex
HLPRFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Facemaker by Weehuddy
Intel A/V Codecs V2.0
InterActual Player
iTunes
iWin Games (remove only)
Java Auto Updater
Java(TM) 6 Update 20
Jojos Fashion Show (remove only)
Junk Mail filter update
Kiss Me
EasyShare software
KSU
Last.fm 1.5.4.24567
LimeWire 5.1.4
Lindh Medical Assisting Study Software
LSP Explorer plug-in for Ad-Aware SE
Mah-Jomino
Mah Jong Medley
Mah Jong Quest (remove only)
Mah Jong Quest III (remove only)
Mahjong Escape
Mahjong Garden Deluxe
Mahjong Match
MahJong Suite 2009 v6.1
Mahjong Tales Ancient Wisdom
Mahjong Towers Eternity
Mahjong World
Malwarebytes' Anti-Malware
ManyCam 2.1 (remove only)
Map Button (Windows Live Toolbar)
Merriam Websters Spell Jam
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Internet Explorer Administration Kit 5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Resource Kit
Microsoft Office XP Web Components
Microsoft Publisher 2002
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
MKV Splitter
Move Media Player
Mozilla Firefox (3.6.12)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB973686)
My Free Mahjong v.2.0
Mythic Mahjong
Nimo Codecs Pack v4.33 (Remove Only)
Norton Spyware Scan
Norton Spyware Scan provided by Yahoo!
Notifier
NVIDIA Drivers
OLYMPUS Master 2
OneCare Advisor (Windows Live Toolbar)
OpenOffice.org 3.0
PCDADDIN
PCDHELP
Pizza Frenzy
Plantasia - (remove only)
Popup Blocker (Windows Live Toolbar)
Puzzle Solitaire
QuickTime
RealArcade
RealPlayer
Roxio Media Manager
SAMSUNG Mobile USB DRIVER(4.40.1.0) v1.0
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942830)
Security Update for Windows XP (KB942831)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975254)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SFR
Shangri La 2
SHASTA
SKIN0001
SKINXSDK
Slingo Supreme
Smart Menus (Windows Live Toolbar)
Sound Blaster Live!
Spybot - Search & Destroy
Spyware Terminator
SpywareBlaster 4.0
StumbleUpon IE Toolbar
Tabbed Browsing (Windows Live Toolbar)
TBS WMP Plug-in
The Playa
The Poppit! Show
Trend Micro TrendProtect for Internet Explorer
Uniblue ProcessQuickLink 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB925720)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
VideoLAN VLC media player 0.8.6c
VPRINTOL
PictureMover
WebCyberCoach 3.2 Dell
WebFldrs XP
Webshots Desktop
Webshots Toolbar
Windows Defender
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows SteadyState
Windows XP Service Pack 2
WinZip
WIRELESS
WONplay
Word Connect
Word Riot Deluxe
Word Wiz
Wordigo (remove only)
Wordscape Online Party (remove only)
Wordz Toolbar for Internet Explorer
Yahoo! Anti-Spy
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Toolbar
Yahtzee
Yumsters! 2 - Around the World Evaluation
Zylom Games Player Plugin
==== Event Viewer Messages From Past Week ========
1/21/2011 8:07:56 PM, error: Service Control Manager [7034] - The AVG8 E-mail Scanner service terminated unexpectedly. It has done this 3 time(s).
1/21/2011 8:04:32 PM, error: Service Control Manager [7034] - The AVG8 E-mail Scanner service terminated unexpectedly. It has done this 2 time(s).
1/21/2011 7:58:41 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
1/21/2011 7:57:18 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Upnp Server 9 service to connect.
1/21/2011 7:57:18 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveShare P2P Server 9 service to connect.
1/21/2011 7:57:18 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Ad-Aware 2007 Service service to connect.
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The World Wide Web Publishing service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The SupportSoft Sprocket Service (dellsupportcenter) service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The Spyware Terminator Realtime Shield Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The SNMP Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The Simple TCP/IP Services service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The iWinGamesInstaller service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The InCD File System Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The FTP Publishing service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7034] - The AVG8 E-mail Scanner service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:48 PM, error: Service Control Manager [7031] - The IIS Admin service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1 milliseconds: Run the configured recovery program.
1/21/2011 3:07:48 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AVG8 WatchDog service to connect.
1/21/2011 3:07:48 PM, error: Service Control Manager [7000] - The AVG8 WatchDog service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/21/2011 3:07:07 PM, error: Service Control Manager [7034] - The Advanced Networking Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:07 PM, error: Service Control Manager [7031] - The AVG8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
1/21/2011 3:07:06 PM, error: Service Control Manager [7034] - The Windows SteadyState Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:06 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 3:07:06 PM, error: Service Control Manager [7034] - The Ad-Aware 2007 Service service terminated unexpectedly. It has done this 1 time(s).
1/21/2011 2:57:36 PM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
1/20/2011 1:22:42 PM, error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/16/2011 9:47:07 PM, error: DCOM [10000] - Unable to start a DCOM Server: {80EE4901-33A8-11D1-A213-0080C88593A5}. The error: "%1260" Happened while starting this command: DfrgNtfs.exe -Embedding
1/16/2011 9:35:19 PM, error: Service Control Manager [7034] - The AG Windows Service service terminated unexpectedly. It has done this 1 time(s).
1/16/2011 9:35:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: NPI
1/16/2011 9:35:15 PM, error: Service Control Manager [7022] - The AG Windows Service service hung on starting.
1/16/2011 9:33:57 PM, error: Service Control Manager [7023] - The npii service terminated with the following error: The specified module could not be found.
1/16/2011 9:33:57 PM, error: Service Control Manager [7022] - The Windows SteadyState Service service hung on starting.
1/16/2011 9:33:57 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.
1/16/2011 9:33:57 PM, error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified.
1/16/2011 9:33:57 PM, error: Service Control Manager [7000] - The Camera Connection Software service failed to start due to the following error: The system cannot find the file specified.
1/16/2011 9:31:06 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
1/16/2011 9:31:06 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
1/16/2011 11:55:10 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
1/16/2011 11:42:55 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
1/16/2011 11:42:25 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BITS with arguments "" in order to run the server: {F087771F-D74F-4C1A-BB8A-E16ACA9124EA}
1/16/2011 11:41:54 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BITS with arguments "" in order to run the server: {6D18AD12-BDE3-4393-B311-099C346E6DF9}
1/15/2011 11:44:59 AM, error: Service Control Manager [7024] - The Routing and Remote Access service terminated with service-specific error 1003 (0x3EB).
1/15/2011 11:44:50 AM, error: RemoteAccess [20103] - Unable to load C:\WINDOWS\System32\ipxrtmgr.dll.
1/15/2011 11:44:49 AM, error: Service Control Manager [7000] - The IPX Traffic Filter Driver service failed to start due to the following error: Access is denied.
1/15/2011 11:44:49 AM, error: IPXRouterManager [20133] - IPX Routing failed to start because IPX forwarder driver could not be loaded.
1/14/2011 8:07:57 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
1/14/2011 5:55:20 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
==== End Of File ===========================
-
Welcome aboard 
Please, observe following rules:
- Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
- If you're stuck, or you're not sure about certain step, always ask before doing anything else.
- Please refrain from running tools or applying updates other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer behavior, good, or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
================================================== ==========================
DDS.txt log is missing.
-
-
I'm closing this topic indefinitely.
Newbie
