
ChangeLog VundoFix

NOTE: This changelog lists only the malware lines that Zeb Help Process detects when analysing security reports. This information comes in part from feedback from French-speaking helpers.

VundoFix: Some particularly stubborn adware poses as antivirus or antispyware software. Virtumonde is one of these, trying to exploit the naivety of novice users. VundoFix is a tool designed specifically to detect and eradicate this type of threat. In some cases The Avenger may be needed to remove a stubborn process.

ComboFix is a tool developed by sUBs. Rootkits, that is, infectious files hidden from the user and from most antivirus and anti-spyware programs, are fairly stubborn infections. This tool cleans the infection and removes the rootkit.

Malwarebytes' Anti-Malware is an antivirus that tracks down and removes this type of infection.


February,2010

O2 - BHO: (no name) - {1C218BC1-B339-40DF-8346-792D2DBAFFB5} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O20 - Winlogon Notify: mlJyAqpP . (...) -- C:\WINDOWS\System32\mlJyAqpP.dll (.not file.)
O20 - AppInit_DLLs: ayXUkWjAL.dll

January,2010


December,2009

O20 - Winlogon Notify: winmyy32 - winmyy32.dll (file missing)

 

November,2009

O20 - Winlogon Notify: urqqqqp - urqqqqp.dll (file missing)

O20 - Winlogon Notify: jkkhghg - jkkhghg.dll (file missing)

 

October,2009

O62 - ADS:Alternate Data Stream File - ing %System32%\ndthfucn.ini
O62 - ADS:Alternate Data Stream File - ing %System32%\spaftgdu.ini
O62 - ADS:Alternate Data Stream File - ing %System32%\Tvuwwyay.ini
O62 - ADS:Alternate Data Stream File - ing %System32%\xhamnaug.ini

%SYSTEM32%\jkkli.dll

September,2009

O20 - Winlogon Notify: awtqoMcy - C:\WINDOWS\
O20 - Winlogon Notify: pmnmjIBQ - C:\WINDOWS\
O20 - Winlogon Notify: wvULecaa - C:\WINDOWS\

August,2009

O20 - AppInit_DLLs: oeoxcc.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\migumahe.dll c:\windows\system32\ligamosa.dll

 

July,2009

O20 - AppInit_DLLs: ducfvw.dll

 

June,2009

O2 - BHO: (no name) - {508CE4E5-BB70-4F90-97E5-B1F7F6E966C1} - C:\WINDOWS\system32\nnnOfeDT.dll
O2 - BHO: (no name) - {54AED406-B309-4D0F-8DD9-663397340A7A} - C:\WINDOWS\system32\byXOeCuV.dll
O2 - BHO: (no name) - {71764AD1-38E3-4049-AB40-B40712A3A976} - C:\WINDOWS\system32\nnnkKcbB.dll
O2 - BHO: (no name) - {CF55DD2E-1E2C-44F7-8514-A94864AC2990} - C:\WINDOWS\system32\iifgHApM.dll

May,2009


 

April,2009


 

March,2009


 

February,2009


January,2009


December,2008


November,2008


© Copyright 2008-2009 Nicolas Coolman - All rights reserved