Hello everyone,
I would like to show you a log from a PC without an antivirus program.
The hard disk was scanned outside the PC, connected as an external HD to a PC that had an antivirus program installed. I am going to withhold the name, because everyone has their favorite and I don't want to start a discussion here about which one is good or not.
I just want to show you the log from a PC with no antivirus present, for others who claim that everything is fine without one.
Here is the log:
Scan Stats:
Scan Time: 1141 seconds
Scan Options:
Scan Targets: L:\WINDOWS
Counts:
Total items scanned: 26.891
- Files & Directories: 26.891
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0
- Trusted Files: 0
- Skipped Files: 2
Total security risks detected: 56
Total items resolved: 56
Total items that require attention: 0
Resolved Threats:
Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\pss\svchost.execommon startup - Deleted
Trojan.Packed.13
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\spooldr.exe - Deleted
Trojan.EliteBar
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
113 Registry Entries
3 Files
l:\windows\svchost.exe - Deleted
C:\WINDOWS\etb\pokapoka79.exe - Restart Required
C:\WINDOWS\etb\pokapoka79.exe - Restart Required
Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\system32\ibdlrmpj.exe - Deleted
l:\windows\system32\capalkdr.exe - Deleted
Trojan.Vundo
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
128 Registry Entries
1 File
l:\windows\system32\afdqusse.exe - Deleted
1 Process
C:\WINDOWS\system32\rundll32.exe - Terminated
Trojan.Vundo
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
6 Files
l:\windows\system32\akqrklwv.exe - Deleted
l:\windows\system32\amgfqrst.exe - Deleted
l:\windows\system32\cayamsjm.exe - Deleted
l:\windows\system32\cbpqttpf.exe - Deleted
l:\windows\system32\cbxuuut.dll - Deleted
l:\windows\system32\dbamtkeh.exe - Deleted
Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
50 Files
Trojan.Packed.13
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
20 Files
Trojan.Srizbi
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
5 Files
l:\windows\system32\drivers\ckw62.sys - Restart Required
l:\windows\system32\drivers\symavc32.sys - Restart Required
l:\windows\system32\drivers\csk58.sys - Restart Required
l:\windows\system32\drivers\lfe30.sys - Restart Required
l:\windows\system32\drivers\ydsu49.sys - Restart Required
Trojan.Pandex
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
4 Files
l:\windows\system32\drivers\runtime2.sys - Restart Required
l:\windows\system32\drivers\runtime2.sy_ - Deleted
l:\windows\system32\drivers\ip6fw.sys - Restart Required
l:\windows\temp\startdrv.exe - Deleted
Trojan.Peacomm!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
2 Files
l:\windows\system32\drivers\tcpip.sys - Restart Required
l:\windows\system32\drivers\old38.tmp - Repaired
Hacktool.Rootkit
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
3 Files
l:\windows\system32\drivers\core.sys - Restart Required
l:\windows\system32\ntio256.sys - Restart Required
l:\windows\deskcfg.dat - Deleted
Trojan.Vundo
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
128 Registry Entries
1 File
l:\windows\system32\ewkqfipk.exe - Deleted
1 Process
C:\WINDOWS\system32\rundll32.exe - Terminated
Trojan.SpamThru
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\system32\ewvcjpp.dll - Deleted
l:\windows\system32\goumfux.dll - Deleted
Trojan.Vundo
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
49 Files
Trojan.EliteBar
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
113 Registry Entries
2 Files
l:\windows\system32\kx.exe - Deleted
C:\WINDOWS\etb\pokapoka79.exe - Restart Required
Dialer.DialPlatform
Type: Anomaly
Risk: High (High Stealth, Medium Removal, High Performance, High Privacy)
Categories: Dialer
Status: Fully Resolved
-----------
1 File
l:\windows\system32\max1d1164v.exe - Deleted
Adware.ZenoSearch
Type: Anomaly
Risk: Medium (High Stealth, Low Removal, Low Performance, High Privacy)
Categories: Adware
Status: Fully Resolved
-----------
4 Registry Entries
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->2500:3 - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->2500:3 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->2500:3 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\->2500:3 - Repaired
1 File
l:\windows\system32\modsregp.exe - No Action Required
1 Process
rundll32.exe - Terminated
Suspicious.AH.58
Type: Anomaly
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
l:\windows\system32\modsregp.exe - Deleted
Trojan.Adclicker
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
4 Files
l:\windows\system32\owinpndt.exe - Deleted
l:\windows\system32\dnsersnd.dll.bak - Deleted
l:\windows\system32\bwatvvyt.dll - Deleted
l:\windows\system32\qovtdgdc.dll - Deleted
Trojan.Zlob
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon->Userinit:C:\WINDOWS\system32\Userinit.exe - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system->DisableTaskMgr:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\->System - Repaired
1 File
l:\windows\system32\owqooxcg.dll - Deleted
W32.Spybot.Worm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
41 Registry Entries
4 Files
l:\windows\system32\p2pnetworking.exe - Deleted
C:\Documents and Settings\Eigenaar\Local Settings\Temp\1.reg - Restart Required
C:\Documents and Settings\Eigenaar\Local Settings\Temp\sysremove.bat - Restart Required
C:\a.bat - Restart Required
Trojan.Packed.9
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\system32\rpcc.dll - Deleted
Trojan.Zlob
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
3 Files
l:\windows\system32\wgmdfbep.dll - Deleted
l:\windows\system32\sdeexdqv.dll - Deleted
l:\windows\system32\xbaflyip.dll - Deleted
Adware.Purityscan
Type: Anomaly
Risk: Medium (Medium Stealth, High Removal, Low Performance, Low Privacy)
Categories: Adware
Status: Restart Required
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4} - Deleted
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks->{CFBFAE00-17A6-11D0-99CB-00C04FD64497}:"" - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\->Explorer - Restart Required
1 File
l:\windows\system32\bakf.dll.bak - Deleted
Backdoor.Graybird
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\system32\closeapp.exe - Deleted
Infostealer.Lineage
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
7 Registry Entries
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1 - Repaired
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:1 - Repaired
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoDriveTypeAutoRun:0 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL->CheckedValue:1 - Repaired
2 Files
[Restricted item (permission required)] - N/A
l:\windows\system32\euehkjqn.dll - Deleted
Downloader.MisleadApp
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
5 Files
l:\windows\system32\hblbdnun\hblbdnun1.exe - Deleted
l:\windows\system32\hblbdnun\hblbdnun2.exe - Deleted
l:\windows\system32\hblbdnun\hblbdnun3.exe - Deleted
l:\windows\system32\vedxga5me3.exe - Deleted
l:\windows\temp\v4xd3.ga2me - Deleted
Trojan Horse
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
12 Files
Trojan.Tannick.B
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\system32\protector.exe - Deleted
Adware.Mirar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
1 File
l:\windows\system32\winats.dll - Deleted
Adware.Mirar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
2 Files
l:\windows\system32\windmy.dll - Deleted
l:\windows\system32\winnb57.dll.bak - Deleted
W32.Spybot.Worm
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\system32\winlog.exe - Deleted
Trojan.Peacomm.D
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
1 File
l:\windows\system32\spooldr.sys - Restart Required
1 System Action
Trojan.Vundo
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
50 Files
Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
25 Files
Backdoor.Trojan
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\system32\vedxg3am1et3.exe - Deleted
l:\windows\temp\v3xd1.g22me - Deleted
SecurityRisk.Downldr
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Security Risk
Status: Fully Resolved
-----------
3 Files
l:\windows\system32\vedxga1me4t1.exe - Deleted
l:\windows\system32\vedxga3me2.exe - Deleted
l:\windows\temp\vx1dt1.game - Deleted
Backdoor.Eterok
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\system32\vedxga4me1.exe - Deleted
l:\windows\temp\botc12d.tmp - Deleted
Adware.VirtuMonde
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
57 Registry Entries
1 File
l:\windows\system32\qomnopo.dll - Deleted
Adware.Searchtool
Type: Anomaly
Risk: High (Low Stealth, High Removal, Medium Performance, High Privacy)
Categories: Adware
Status: Fully Resolved
-----------
2 Files
[Restricted item (permission required)] - N/A
l:\windows\system32\upmedia\searchtool.dll - Deleted
Trojan.Dropper
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\temp\stdrun1.exe - Deleted
Adware.SurfSideKick
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, Low Privacy)
Categories: Adware
Status: Restart Required
-----------
79 Registry Entries
1 File
l:\windows\temp\stdrun4.exe - Deleted
SecurityRiskOn
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Security Risk
Status: Fully Resolved
-----------
1 File
l:\windows\temp\stdrun8.exe - Deleted
Suspicious.AH.21
Type: Anomaly
Risk: Medium (Medium Stealth, Medium Removal, Medium Performance, Medium Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\temp\v6xdt4.game - Deleted
l:\windows\temp\vx1dt3.game - Deleted
Adware.SurfSideKick
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
1 File
l:\windows\temp\i6f.tmp - Deleted
Dialer.DialPlatform
Type: Anomaly
Risk: High (High Stealth, Medium Removal, High Performance, High Privacy)
Categories: Dialer
Status: Fully Resolved
-----------
1 File
l:\windows\temp\ma1x1dd1v.game - Deleted
Trojan.Nebuler
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\temp\mst5.tmp - Deleted
Trojan.Peacomm!inf
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required
-----------
1 File
l:\windows\lastgood\system32\drivers\cdrom.sys - Restart Required
Adware.Mirar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
1 File
l:\windows\mirar_distro_876090.exe - Deleted
Adware.Mirar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
1 File
l:\windows\mirar_distro_876260.exe - Deleted
Adware.Purityscan
Type: Anomaly
Risk: Medium (Medium Stealth, High Removal, Low Performance, Low Privacy)
Categories: Adware
Status: Restart Required
-----------
3 Registry Entries
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\ENUM\SW\{b7eafdc0-a680-11d0-96d8-00aa0051e51d}\{9B365890-165F-11D0-A195-0020AFD156E4} - Deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\->Explorer - Restart Required
HKEY_USERS\S-1-5-21-299502267-1801674531-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks->{CFBFAE00-17A6-11D0-99CB-00C04FD64497}:"" - Repaired
1 File
l:\windows\ѕуstem32\mѕhta.exe - Deleted
Downloader
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
2 Files
l:\windows\b122.exe - Deleted
l:\windows\b144.exe - Deleted
Adware.Purityscan
Type: Anomaly
Risk: Medium (Medium Stealth, High Removal, Low Performance, Low Privacy)
Categories: Adware
Status: Fully Resolved
-----------
1 File
l:\windows\b128.exe - Deleted
Trojan.Spamdes
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\bck.dat - Deleted
Infostealer.Gampass
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Fully Resolved
-----------
1 File
l:\windows\bricopacks\vista inspirat 2\ubericon\uninst.exe - Deleted
Unresolved Threats: