Trojan.gen & Trojan.gen2.. Please help me get rid of them

Solved
By kryspy99
Nov 29, 2010
Topic Status:
Not open for further replies.
  1. I have Windows Vista 2007

    3/4 days ago my Internet Explorer began to redirect itself to other websites. Luckily I had a firefox browser so I was able to get onto that and download Ad-Aware and the problem was solved. I even downloaded spyware doctor to double check if there was anything else on the computer and after the full scan nothing was shown so I uninstalled it. I have kept ad-aware.

    Since then my Symantec Endpoint protection has shown me scan after scan 20/30 trojan.gen and trojan.gen2 being quarantined. This happens at least a couple times a day.

    I have downloaded,malwarebytes-anti-malware and Windows live one care scanner both programs give my computer a clean bill of health, however scan after scan of symantec show trojans galore. I downloaded and ran ccleaner and still receive this trojans quarantine warnings. What should I do next to prevent whatever is giving access to the trojans in the first place? Any help would be much appreciated.

    On a side note-Do I risk other peoples computers by sending them emails and documents currently? I have only been using a firefox browser since this has been going on.

    Thanks,
    Krystal
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Most antivirus scan will continue to show malware entries even if they aren't active in the system and if only found in the restore points. If that is the case, the only way the system can become reinfected is if you did a System Restore and happen to choose that particular point. At the end of cleaning, we have you drop the old restore points and set a new clean one.

    There are also entries that may show Qoobox or something in Spybot Search & Destroy. Those entries have been handled by other security programs and eventually will all; be removed. So it's all about 'location.'
    Depending on where it shows these entries are, you could be just seeing the same ones over and over and not new or active malware.
    Let's see if you have an currently active malware entries:

    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

    Please note: this is not a full set of cleaning scans- I'm having you do it first because of Norton continuing to show them. However, if you are getting redirected to other sites when searching, it means you do have something active and I encourage you to proceed with the following:

    If you would like us to do the full preliminary malware scans, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
  3. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Thanks

    Thanks for the reply/help..
    I will get back to you with the information soon..
    -Have a good night
    Krystal
  4. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Ran EST scanner

    I used Internet explorer and ran the EST scanner, this is the result of the scan:

    C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll a variant of Win32/Injector.DSE trojan
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    This malware infection is a Rootkit password stealer. It is an active infection, but in the temp files. In the future, please include the entire log. Remember to disable the AV while you run the scan.

    You will need to change your passwords now, then again after we get the system clean. And monitor any online financial transactions.

    Please download OTMovit by Old Timer and save to your desktop.
    • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      Code:
      :Processes	
      :Files 
      C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll
      :Commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
    =========================================
    You should go ahead with the other scans so we can better identify the malware and find all entries. I can then decide which removal program is best.
  6. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Question on the scanning directions?

    Hi,
    I apologize for not putting enough information down. I don't know if I did anything wrong running the EST scanner but I did save the log file and the information I posted was the only information that showed up on the log file. I disabled my adaware, symantec endpoint, and windows defender however, now thinking back to everything I may have forgotten to disable Malwarebytes anti-malware. This may have messed up the log file. I had prior been downloading so many programs to try to fight this Trojan I forgot what I had on my computer. Also symantec was quarantining files (prior to my disabling it) so I don't know if it change the results.

    I will follow your new set of instructions. Do you want me to also use the EST scanner to scan the computer along w/ the other scans after I run the OT moveit?

    Thanks,
    Krystal
  7. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Ran OTmoveit

    I was unsure whether I had to disable anything so I disable adaware and windows defender and symantec endpoint. there was not any option to disable malwarebytes-antimalware.. I will run the est scanner and post the results once I receive them. I just realized I ran it on Firefox browser does that change the results?? Here are the results from otmoveit:


    All processes killed
    ========== PROCESSES ==========
    ========== FILES ==========
    DllUnregisterServer procedure not found in C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll
    C:\Users\Shane\AppData\Local\Temp\Low\adsldpf.dll moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Krystal
    ->Temp folder emptied: 2150562 bytes
    ->Temporary Internet Files folder emptied: 3820104 bytes
    ->Java cache emptied: 3000340 bytes
    ->FireFox cache emptied: 92692125 bytes
    ->Flash cache emptied: 32066 bytes

    User: Public

    User: Shane
    ->Temp folder emptied: 25937995 bytes
    ->Temporary Internet Files folder emptied: 15821863 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 74546798 bytes
    ->Flash cache emptied: 64455 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 46474 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 2936352 bytes
    RecycleBin emptied: 9686190 bytes

    Total Files Cleaned = 220.00 mb


    OTM by OldTimer - Version 3.1.17.2 log created on 12032010_110940

    Files moved on Reboot...
    File C:\Windows\temp\~DFA1F2.tmp not found!
    File C:\Windows\temp\~DFA203.tmp not found!

    Registry entries deleted on Reboot...
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    I am not comfortable with that entry from Eset, but it was moved and I'll have you repeat the scan later. This is in the Eset instructions:
    A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
  9. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Logs from Malwarebytes, GMER and DDS/Attach

    Log file from Malwarebytes-Antimalware:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 5203

    Windows 6.0.6001 Service Pack 1
    Internet Explorer 7.0.6001.18000

    12/3/2010 11:23:56 PM
    mbam-log-2010-12-03 (23-23-56).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 297602
    Time elapsed: 1 hour(s), 38 minute(s), 2 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    GMER log file- I may have not done this correctly I opened the GMER file and it did an automatic quick scan and I took the log file from that. I did not click on the scan button b/c the directions did not specifically state that.

    GMER Log file:

    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2010-12-03 23:43:40
    Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 TOSHIBA_MK1637GSX rev.DL030M
    Running: vtzb844o.exe; Driver: C:\Users\Krystal\AppData\Local\Temp\fwrdafod.sys


    ---- Disk sectors - GMER 1.0.15 ----

    Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
    Disk \Device\Harddisk0\DR0 sector 62: copy of MBR

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\tdx \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp wpsdrvnt.sys
    AttachedDevice \Driver\tdx \Device\Udp wpsdrvnt.sys
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----

    DDS log:


    DDS (Ver_10-11-27.01) - NTFSx86
    Run by Krystal at 23:57:34.04 on Fri 12/03/2010
    Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_22
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3062.1193 [GMT -5:00]

    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Toshiba\IVP\ISM\pinger.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    c:\Toshiba\IVP\swupdate\swupdtmr.exe
    C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files\Toshiba\Utilities\KeNotify.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AIM\aim.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Krystal\Desktop\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
    mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [TOSCDSPD] TOSCDSPD.EXE
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [HWSetup] \HWSetup.exe hwSetUP
    mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
    mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
    mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
    mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"
    mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
    mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\krystal\appdata\roaming\mozilla\firefox\profiles\8dsejv4b.default\
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\users\krystal\appdata\roaming\mozilla\firefox\profiles\8dsejv4b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Extension: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - c:\users\krystal\appdata\roaming\mozilla\firefox\profiles\8dsejv4b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-11-19 64288]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2007-12-25 40960]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-23 1375992]
    R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2010-4-22 1831024]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-9-15 102448]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-9-23 15264]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-12 135664]
    S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2009-12-2 23888]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    =============== Created Last 30 ================

    2010-12-03 16:09:40 -------- d-----w- C:\_OTM
    2010-12-02 06:16:19 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{6d17f850-0e15-4fdb-a9ff-ef509e101bb6}\mpengine.dll
    2010-12-01 18:38:37 -------- d-----w- c:\program files\ESET
    2010-11-28 03:47:46 -------- d-----w- c:\program files\CCleaner
    2010-11-28 01:46:14 -------- d-----w- c:\users\krystal\appdata\roaming\Malwarebytes
    2010-11-28 01:45:56 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-11-28 01:45:55 -------- d-----w- c:\progra~2\Malwarebytes
    2010-11-28 01:45:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-28 01:45:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-20 04:32:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-11-20 04:32:01 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
    2010-11-20 03:00:14 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-11-20 02:47:23 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-11-20 02:47:20 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-11-20 02:40:51 -------- d-----w- c:\users\krystal\appdata\local\Sunbelt Software
    2010-11-20 02:38:47 -------- d-----w- c:\program files\Lavasoft
    2010-11-20 02:16:38 -------- dc-h--w- c:\progra~2\{E961CE1B-C3EA-4882-9F67-F859B555D097}
    2010-11-20 01:50:27 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-11-20 01:50:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    ==================== Find3M ====================

    2010-10-19 15:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-09-20 09:25:01 231936 ----a-w- c:\windows\system32\msshsq.dll
    2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-10 16:37:06 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-09-08 17:26:59 833024 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 17:23:42 78336 ----a-w- c:\windows\system32\ieencode.dll
    2010-09-08 15:53:07 389632 ----a-w- c:\windows\system32\html.iec
    2010-09-08 15:28:29 1383424 ----a-w- c:\windows\system32\mshtml.tlb
    2010-09-06 16:24:40 125952 ----a-w- c:\windows\system32\srvsvc.dll
    2010-09-06 16:23:14 17920 ----a-w- c:\windows\system32\netevent.dll

    ============= FINISH: 23:58:12.71 ===============

    Attached Files:

  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    It is a bit confusing, I know. But the instructions in DDS say:\
    ** Include the contents of both logs in your new topic. The scan will instruct you to post Attach.txt as an attachment. No need for that though, just paste it as you would any other log.
    Unfortunately, the author put that attach instruction in and we can't remove it.

    Do you remember if you got a Windows like this?
    [​IMG]
    It's part of the Win32/Injector.DSE trojan that was in Eset.

    These logs look good, but I'd like you to run the following:

    Please download ComboFix from Here and save to your Desktop.

    • [1]. Do NOT rename Combofix unless instructed.
      [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3].Close any open browsers.
      [4]. Double click combofix.exe & follow the prompts to run.
    • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
      [5]. If Combofix asks you to install Recovery Console, please allow it.
      [6]. If Combofix asks you to update the program, always allow.
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    Note: Make sure you re-enable your security programs, when you're done with Combofix..
  11. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Hello

    Hi
    It may be a few days before I can do this next step.. I have a bunch of papers and projects due this week. But I will work on this asap after I turn in my last paper.

    Thanks!
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    That's fine. Leaving a note for myself not to close thread in 5 days.


    NOTE: Keep thread open. Member will return.
  13. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Combofix report

    In ref. to the hotspot window.. I don't know if I saw a window like that..i may have but i do not remember...

    ComboFix 10-12-13.02 - Krystal 12/13/2010 18:05:11.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3062.1698 [GMT -5:00]
    Running from: c:\users\Krystal\Desktop\ComboFix.exe
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
    AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Symantec Endpoint Protection *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
    SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\programdata\xp
    c:\programdata\xp\EBLib.dll
    c:\programdata\xp\TPwSav.sys

    .
    ((((((((((((((((((((((((( Files Created from 2010-11-13 to 2010-12-13 )))))))))))))))))))))))))))))))
    .

    2010-12-13 23:19 . 2010-12-13 23:19 -------- d-----w- c:\users\Krystal\AppData\Local\temp
    2010-12-11 06:35 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EEE152C-B8A6-4D8E-A4AB-78AE3489C216}\mpengine.dll
    2010-12-03 16:09 . 2010-12-03 16:09 -------- d-----w- C:\_OTM
    2010-12-01 18:38 . 2010-12-01 18:38 -------- d-----w- c:\program files\ESET
    2010-11-29 03:28 . 2010-11-29 05:38 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-11-28 03:47 . 2010-11-28 03:47 -------- d-----w- c:\program files\CCleaner
    2010-11-28 01:46 . 2010-11-28 01:46 -------- d-----w- c:\users\Krystal\AppData\Roaming\Malwarebytes
    2010-11-28 01:45 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-11-28 01:45 . 2010-11-28 01:45 -------- d-----w- c:\programdata\Malwarebytes
    2010-11-28 01:45 . 2010-11-28 01:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-28 01:45 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-20 04:32 . 2010-11-20 14:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-11-20 04:32 . 2010-11-20 14:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2010-11-20 03:00 . 2010-09-23 07:46 15880 ----a-w- c:\windows\system32\lsdelete.exe
    2010-11-20 02:47 . 2010-09-23 07:46 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2010-11-20 02:47 . 2010-11-20 02:47 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2010-11-20 02:40 . 2010-11-20 02:40 -------- d-----w- c:\users\Krystal\AppData\Local\Sunbelt Software
    2010-11-20 02:38 . 2010-11-20 02:47 -------- d-----w- c:\programdata\Lavasoft
    2010-11-20 02:38 . 2010-11-20 02:38 -------- d-----w- c:\program files\Lavasoft
    2010-11-20 02:16 . 2010-11-20 02:39 -------- dc-h--w- c:\programdata\{E961CE1B-C3EA-4882-9F67-F859B555D097}
    2010-11-20 01:50 . 2010-08-26 16:01 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-11-20 01:50 . 2010-08-26 14:11 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-10-19 15:41 . 2010-08-12 22:12 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-09-20 09:25 . 2010-10-30 14:22 231936 ----a-w- c:\windows\system32\msshsq.dll
    2010-09-15 23:06 . 2010-09-15 23:06 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2010-09-15 08:50 . 2010-08-13 02:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-12 39408]
    "Aim"="c:\program files\AIM\aim.exe" [2010-09-16 4425048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HWSetup"="\HWSetup.exe hwSetUP" [X]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-20 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-20 154136]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-20 129560]
    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-09-11 180224]
    "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-04-10 413696]
    "NDSTray.exe"="NDSTray.exe" [BU]
    "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-23 438272]
    "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-19 1862144]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-01-30 4911104]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
    "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
    "PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
    "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-11-06 741376]
    "ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-01-25 115560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-13 135664]
    R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2009-12-02 23888]
    R3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\DRIVERS\TpChoice.sys [x]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
    S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-12-07 1375992]
    S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-08-19 102448]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-11-20 15264]

    .
    Contents of the 'Scheduled Tasks' folder

    2010-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-13 01:22]

    2010-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-13 01:22]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    FF - ProfilePath - c:\users\Krystal\AppData\Roaming\Mozilla\Firefox\Profiles\8dsejv4b.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
    HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    HKLM-Run-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
    SafeBoot-Symantec Antvirus



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-12-13 18:19
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    c:\users\Krystal\AppData\Local\Temp\catchme.dll 53248 bytes executable

    scan completed successfully
    hidden files: 1

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    Completion time: 2010-12-13 18:24:09
    ComboFix-quarantined-files.txt 2010-12-13 23:24

    Pre-Run: 36,579,000,320 bytes free
    Post-Run: 45,183,066,112 bytes free

    - - End Of File - - 8722686B2FF57427CD77382DDAA01AF2
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    I anticipate a conflict with 2 antivirus programs running. You should decide which you want and uninstall the other:
    AV: Lavasoft Ad-Watch Live! Anti-Virus
    AV: Symantec Endpoint Protection


    FW: Symantec Endpoint Protection> firewall okay
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated> antimalware okay
    SP: Symantec Endpoint Protection *Disabled/Updated> antimalware okay
    SP: Windows Defender *Disabled/Updated* > antimalware okay
    ===================================================
    I also note Sunbelt Software which to the best of my knowledge is the AV Threatfire
    Spybot S&D is also listed. If you run Tea Timer, it is another Real Time program like AdWatch and they will cause conflict.

    I'd like you to run this Security Check

    Download Security Check by screen317 from HERE or HERE .
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    ====================================
    Follow with: Download HijackThis and save to your desktop.
    • Extract it to a directory on your hard drive called c:\HijackThis.
    • Then navigate to that directory and double-click on the hijackthis.exe file.
    • When started click on the Scan button and then the Save Log button to create a log of your information.
    • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and paste (Ctrl+V) the log in your next reply.

    NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

    Then I can better recommend what to remove. IF there are left over entries, then I can remove them using script in Combofix. But the system is looking pretty healthy at this point.
  15. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Results of security check and hijack this

    Hi Bobbye,
    Thanks for helping me.. Here is what has happened so far:

    -I uninstalled the Adaware program which I assume is the adwatch-live-AV
    -I looked to uninstall spybot and did not find it in my install/uninstall cntrl panel but when I searched for it I found it as a 15.6mb program icon so I dropped it in the recycle bin
    - I am unsure what threatfire is..

    -Here is the security check file results:

    Results of screen317's Security Check version 0.99.8
    Windows Vista Service Pack 1 (UAC is enabled)
    Out of date service pack!!
    Internet Explorer 7 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:

    Windows Firewall Enabled!
    ESET Online Scanner v3
    WVU Configuration for Symantec Endpoint Protection
    Symantec Endpoint Protection
    Norton 360
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 22
    Java(TM) 6 Update 3
    Out of date Java installed!
    Adobe Flash Player 10.1.82.76
    Adobe Reader 8.2.5
    Out of date Adobe Reader installed!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Norton ccSvcHst.exe
    ``````````End of Log````````````



    -Hijack this:
    I extracted all files and then I made a folder in the C drive. I pressed the scan and save log file button. It started to download however it stopped and told me I had to run it as an administrator. However it continued to run and did produce a log file. I saved it and I re-ran it as an administrator. I did notice at the bottom of each file that one had more bytes then the other. I am posting both files. The following is the first file not administrator ran:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:35:44 PM, on 12/18/2010
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18542)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wuauclt.exe
    C:\HijackThis.exe\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 9088 bytes


    -The 2nd log file w/ administration run:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:37:09 PM, on 12/18/2010
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18542)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files\Toshiba\Utilities\KeNotify.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Synaptics\SynTP\SynToshiba.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\HijackThis.exe\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 9303 bytes
  16. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    additional info to prior posting

    I submitted a post a few minutes ago with the results of hijack this and security check..and it said it had to be reviewed first before it is posted..anyway I just wanted to add this info just in case this affects anything..since the directions did not state to disable Anti-virus programs all my programs were on while running hijack this and security check
  17. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    I use to have AdAware, the paid version. It had a RealTime scanner named AdWatch which would put up an Alert if any Registry change was noted. However, it was not an antivirus program. The heading on your Combofix log indicates that the program AV: Lavasoft Ad-Watch Live! Anti-Virus was running and also SP: Lavasoft Ad-Watch Live! a spyware/antimalware program was running. I checked the Lavasoft site to clarify this and only came away with what looks like both the antomalware and antivirus parts are running. Multiple AV aren't good and especially with Norton which doesn't play well with any other program!
    ===================================
    In order to run HijackThis on Vista you must download the executable file, not the installer file. If you use the link I gave you for HJT, when you extracted the file from the zip link I gave, it is the executable file. So I don't know why you got a notice.
    ===================================
    The Security Check shows the following out of date program which should be uninstalled in Add/Remove Programs:
    Java(TM) 6 Update 3> you have the currect v6u22
    Adobe Reader 8.2.5> needs to be updated to v9.xx .Visit this Adobe Reader site Uninstall v8.2.5 in Add/Remove Programs.
    =========================================
    I don't see any malware entries in the HJT log but would like to mention that many if the processes running in the background probably started on boot and didn't need to. There is also a multitude of Services running that could easily be set to Manual startup type to only run as you needed them to.
    Sometimes, spot checks are done on posts automatically. However I don't see anything pending now.
    ==========================================
    Please repeat the Eset online scan. Logs in next reply please.

    Edit: Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
  18. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    questions

    Hi Bobbye,
    3 questions,

    Should I do a full download of the adobe reader Adobe Reader 9.4 Update - Multiple Languages Or go to updates/programs Adobe Reader 9.4.1 update - multiple languages. I am unsure of which program on the link you sent me to download.

    Also when I logon to this website (techspot) and go to my posts 3/4ths of the time, I am unable to open up my posts it says that I need to wait so many seconds between searches and it still does not open up. Is there something I am doing wrong?

    Where do I go to set programs as manual start up?

    I'll have the results for you of the Eset scanner by tomorrow.

    Anyway thanks a lot, I appreciate the time your taking to help me out,
    Krystal
     
  19. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    We have a glitch that's causing the moderation when not needing it. Hopefully that will get fixed soon. It's causing a lot of frustrations! The biggest problem for us here is that the members aren't waiting and are re-posting the logs. Then we have to go in and delete the duplicates. It's very time consuming- but it's not you.

    For Adobe, I have a suggestion for you: as you saw on the Adobe Update choices, there is a great variance in size. That's because Adobe comes with a lot of bloat. You can get a PDF Reader that does the same thing, free, without the bloat, called FoxIt: I have Foxit Reader 2.3.3309 which is an older version which does everything I need. You can get it here:
    Click on the download icon on the right here to download this version http://www.filehippo.com/download_foxit/4658/

    IF you don't want to try that, I'd go with the Adobe v9.1 update 2nd from the bottom that shows this: Adobe Reader 9.1 - multiple languages 16.3MB
    When the download page comes up, look on lower left corner to Choose your region Choose the one for you and maybe you won't get all the other language bloat.

    As always, when getting a download page, make sure there is nothing pre-checked for toolbars or other.
    ==========================================
    To change the Startup type for a related Service:
    Start> Run> type in services.msc> double click the Service>> if you are going to use this, set it to Manual> if you aren't going to use this> set it to Disabled.
  20. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    Attached eset results w/ more types of trojans than b/f

    Hi Bobbye,
    I downloaded the adobe file. though I had a question, for school I have to use a certain website that has all my classes attached and it checks my computer to see if it is compatible. If I download the foxit instead is that compatible with those programs that check for adobe? I am fuzzy on how this type of stuff works. Below is the results of the eset scanner. I haven't downloaded anything new besides uploading microsoft updates. I am going to ask the other user on my computer if they have downloaded anything. Also I have been using just the firefox browser not IE. (i just tried submitting this post and it says it is to long,, I will be posting this in 2 posts I guess), (ok now i am going to try to post in 3 posts)

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6211
    # api_version=3.0.2
    # EOSSerial=84362b3b2e47a048933475e99f2c9c7d
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2010-12-03 05:51:12
    # local_time=2010-12-03 12:51:12 (-0500, Eastern Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.0.6001 NT Service Pack 1
    # compatibility_mode=5892 16776574 100 100 0 128001023 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=157062
    # found=1
    # cleaned=0
    # scan_time=5176
    C:\_OTM\MovedFiles\12032010_110940\C_Users\Shane\AppData\Local\Temp\Low\adsldpf.dll a variant of Win32/Injector.DSE trojan 00000000000000000000000000000000 I
    ESETSmartInstaller@High as downloader log:
    all ok
    ESETSmartInstaller@High as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6419
    # api_version=3.0.2
    # EOSSerial=84362b3b2e47a048933475e99f2c9c7d
    # end=finished
    # remove_checked=false
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2010-12-23 05:16:36
    # local_time=2010-12-23 12:16:36 (-0500, Eastern Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.0.6001 NT Service Pack 1
    # compatibility_mode=512 16777215 100 0 0 0 0 0
    # compatibility_mode=5892 16776574 100 100 0 129682243 0 0
    # compatibility_mode=8192 67108863 100 0 927998 927998 0 0
    # scanned=204524
    # found=1348
    # cleaned=0
    # scan_time=6681
    C:\Users\Krystal\AppData\Local\temp\DWH1172.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH120F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH121D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1257.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH125D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1346.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1388.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH13B0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH13FC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH13FD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1416.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH146E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH14AD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH14CB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH14D3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1547.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1577.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH157D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1583.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH158A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH15BA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1604.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1611.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1646.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1650.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH169D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH16AA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH16E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1721.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1749.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1783.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1789.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1795.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH17CD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH184B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH184F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH186E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH189.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH18C2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH18FE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH191C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1922.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1934.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1991.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1A08.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1A1D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1A53.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1A76.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1AB6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1AD9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1BD4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1C39.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1C3F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1C41.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1CC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1CE0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1D10.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1D4F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1D63.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1DD8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1DFA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1E18.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1E4D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1EFA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1F7E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1FD4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH1FEA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2171.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH218F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH225.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH22BD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2391.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH23A6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2434.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2579.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2593.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH25C5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH25CA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH25FC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2615.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH264D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH265E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2664.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH268C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2700.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2708.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH27BB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH27D6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH27DA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH27EF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH282E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH28B6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH28E9.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH28F0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH291.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2919.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2995.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH29EE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH29F1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2A60.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2A63.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2A83.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2AA7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2AC1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2B2E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2B52.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2B5D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2B9B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2C7F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2C9B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2CA1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2CCA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2CF0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2D3B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2D3C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2D52.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2DA6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2DAE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2DE7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2E77.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2E90.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2EB4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2EC4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2EE7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2EF6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2F88.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2FB1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2FD0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH2FD4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3086.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3093.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH309B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH30A0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH30AC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3150.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH31A5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH31E3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH31FC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3202.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3245.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH324B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3254.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3269.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3277.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3286.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH329C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3320.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3361.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3373.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3384.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH33C7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH33C8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH340A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH342D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH344B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH347D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH348D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH357C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH357E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3586.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH35DF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3600.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH36AD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3759.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH37E7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3855.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3862.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3951.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3991.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH39F3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH39F4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A1F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A66.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A6C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A75.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A77.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A9A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3A9F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3AC0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3B19.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3B28.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3B8F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3BBD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3BD4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3BD7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3BF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3C1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3C3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3C74.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3CAF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3CB3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3CB4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3CD2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3D0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3D7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3D8C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3DCF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3DE0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3E09.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3E0B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3E1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3E35.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3EB6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3EBC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3EFB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3EFC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3F5C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3FA2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3FAA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH3FB8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH400D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH40C7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH40D9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4149.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4150.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH41A8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH41E3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4204.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4208.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH421C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4225.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4238.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4288.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4296.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH42AB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4318.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4332.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4339.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH438E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH43CD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH43D4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4446.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4456.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH44EC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4507.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH455F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4566.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH456E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH45F1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
  21. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    eset cont...

    C:\Users\Krystal\AppData\Local\temp\DWH4624.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH463A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4673.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH468C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH46A7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4705.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4707.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH489E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4963.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH49C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4B3A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4E0F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH4F8B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5000.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5023.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5038.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5083.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5092.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5199.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH51FA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5235.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH523A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH523D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5279.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH528B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH52D1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5319.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5330.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5389.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH53B8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH53BC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH53FF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH541.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH541D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH54DB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5547.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5559.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH55C9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH561C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5647.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5651.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5675.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5679.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH567F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH56A5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH56EB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH576.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH577E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH57E9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5803.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5833.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5834.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH58B8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5909.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5928.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH596.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH596C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH598F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH59C0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH59D6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH59D7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH59EA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH59F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5A1D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5A35.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5AAE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5ACD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5AD6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5ADA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5ADB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5AE7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5AF0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5B7B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5BC3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5BFC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5C0F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5C4A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5C64.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5C81.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5C92.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5CBB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5CFF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5D0E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5D2A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5D2B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5D2F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5D72.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5DAD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5E38.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5E6B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5EA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5EEB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5F2C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5F60.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5FA7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH5FB1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6010.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH60A2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH60E6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH60ED.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH612.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6195.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH61D3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH61EC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH61FA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6272.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH62A3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH62CF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH62DF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6316.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH636C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH63D9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH63E3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6430.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH644A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH646.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6465.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6480.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6490.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH64D2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH650C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH65D1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH65F5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH65FD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6647.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6662.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6682.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH66AC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH66C2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6728.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6756.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH67CE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6813.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6997.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6A09.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6ABB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6D93.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6D94.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6DC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6E01.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6E91.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6E99.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6E9C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6EC8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6EF5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6F3B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6F47.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6F53.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6F76.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH6FDA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7019.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7043.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7047.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7061.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH709C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH70A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH70A6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH70AB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH710D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH710E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH719F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH71E2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH71E7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7262.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH728E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7290.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH72C7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH730.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH730D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH739F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH73AD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH740D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH748C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH74FE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7509.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7532.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7541.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH755C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7560.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH75C4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH75F8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH763C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH76CF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH76EB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH770E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7736.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH775E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH77F5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7843.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7845.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7857.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH78D3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH78E2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH79C1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH79FA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7A32.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7A33.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7A78.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7A85.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7AB4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7AB9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7ACD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7AF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7B25.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7BE6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7C48.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7C8B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7CA1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7CCB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7CE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7D1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7D34.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7DAE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7DBA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7DD9.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7DF1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7E03.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7E7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7E8F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7E99.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7EE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH7FD8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH802F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH806A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH806F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH808E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8099.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH80F7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH80FA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH80FB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8129.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8136.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH81C9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH81CD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH81E2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8205.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8215.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH821E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH822F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH824.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH82A5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8311.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8319.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8340.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8346.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83A3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83B6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83C8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83D2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83D3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH83EE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8440.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8453.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8484.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH84AC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH84CC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH84F4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8502.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8515.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8530.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8558.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH857D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH85D2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH85E4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8612.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8615.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH867B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8690.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH86A4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8703.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH879B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8879.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8993.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH89B0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH89E1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8A0A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8A35.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8A38.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8A3E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8A8B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8AA1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8ABE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8AD3.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8AF9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8B08.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8B93.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8BD4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8BF2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8C28.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8C41.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8C6A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8CF4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8D25.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8D3B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8D5F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8DBA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8E5B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8EB2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8ECF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8EE7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8EF2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8F8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8F97.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH8FCE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH903D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH906A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9070.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH90D9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH914B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH915A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9173.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH91C3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH91C7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH91E2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH91F1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH91F7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH920.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9253.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH926C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH92B7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH92DB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH92DC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH92FF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9311.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9341.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH935B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH93AC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH945B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH94AB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH94BF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH94EB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9511.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9514.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH956C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH959E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
  22. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    eset and cont ...

    C:\Users\Krystal\AppData\Local\temp\DWH95B0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9609.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9612.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH961B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH965.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH966F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH96C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH96DE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9717.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9736.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH974E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9768.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH977D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9787.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH981A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9843.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9853.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH98C1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH98CE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9900.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH990A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9920.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH993C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH99EA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9A79.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9A89.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9ABC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9AE7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9AE8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9AF6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9B5B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9B92.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9BE5.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9C38.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9CC2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9CF4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D07.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D13.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D61.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D65.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D81.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9D9A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DA0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DCC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DD5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DD9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DDD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DE8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9DEE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E07.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E2A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E2D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E46.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E54.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9E69.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9ED.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9EE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9F67.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9F98.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9F9B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9FA4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9FA8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9FAC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWH9FBF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA01B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA045.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA06C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA07.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA0FB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA19F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA1BB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA1BF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA1D4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA1E4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA20A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA266.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA2C1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA2EC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA333.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA3A6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA3B7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA3E7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA473.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA4C6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA4F2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA529.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA577.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA5E4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA68B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA6A5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA6B9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA70A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA794.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA797.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA7FA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA81B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA889.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA892.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA8A7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA8BB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA8CB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA905.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA967.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA973.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA99E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA9D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA9DA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHA9F5.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAA19.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAA4F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAA66.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAB0B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAB24.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAB69.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAB8F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHABBF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHABD9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHABFA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAC27.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAC2B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAC70.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAC93.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHACFF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAD0D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAD35.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAD59.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAD7E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAD8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAE0C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAE1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAE2F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAEA6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAF78.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAFD0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHAFFE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB060.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB066.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB08.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB0E1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB119.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB123.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB137.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB13C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB16B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB16E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB178.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB1DE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB20B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB218.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB263.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB2BC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB2CB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB306.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB311.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB33A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB34E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB37C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB38B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB38D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB42C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB42D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB4B8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB4CC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB4E7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB50C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB50D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB518.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB537.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB538.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB566.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB61A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB61F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB648.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB654.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB68F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB6BA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB753.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB786.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHB9A3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBA68.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBB67.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBB6B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBBC9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBC1C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBCBC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBCCB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBD3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBDD8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBE13.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBE8F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBEA8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBEA9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBEE9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBEF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBF69.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBFAB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBFC0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHBFD1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC029.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC02C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC080.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC08C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC0AF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC146.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC176.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC1AA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC1E6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC1FE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC265.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC286.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC2A1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC2CE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC2FF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC325.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC339.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC373.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC3B2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC3BD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC3E1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC3EC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC424.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC438.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC459.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC477.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC48D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC4C9.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC4F9.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC500.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC522.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC530.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC535.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC537.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC543.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC595.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC648.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC67A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC680.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC695.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC76B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC776.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC7A6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC7C8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC7D2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC812.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
  23. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    eset cont ...whew

    C:\Users\Krystal\AppData\Local\temp\DWHC815.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC827.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC8BA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC8C6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC8D0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC914.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC91C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC983.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC991.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC9A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHC9CB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCA0E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCA49.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCA90.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCAAF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCB55.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCC3B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCC72.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCCBC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCCD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCCE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCCF7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCCFA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCDC7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCDD0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCDD1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCE7F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCE8F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCEA1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCEB0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCF28.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCF4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCF46.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCF6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCF87.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCFD8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCFDA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCFE4.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCFF6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHCFFB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD043.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD07F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD093.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD0F2.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD10.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD149.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD14B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD163.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD172.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD196.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD1A6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD1A7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD1DE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD21E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD233.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD26B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD2D7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD2E3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD308.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD318.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD33F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD357.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD38D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD3AA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD3D0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD45E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD46.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD468.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD483.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD48F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD4AD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD503.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD51A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD573.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD5CC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD721.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD770.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD796.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD7CA.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD7E3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD7E4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD7FE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD8BC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD8D8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD901.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD90C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD95.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD960.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD967.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD971.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD9D7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHD9F9.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDA2A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDA2B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDA3E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDA58.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDA7A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDAC7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDB50.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDB6F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDBB1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDBFF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDC1E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDC2E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDC37.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDD24.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDD4F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDD65.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDD69.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDDB6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDDBD.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDDD0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDE36.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDE83.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDF15.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDF42.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDF6D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDF7B.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDFA8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHDFC0.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE018.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE034.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE037.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE048.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE08.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE094.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE0FD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE13F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE175.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE1AF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE1D4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE204.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE21C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE22.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE25A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE270.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE288.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE293.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE2AC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE2B0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE2EC.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE326.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE36.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE3C6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE43.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE449.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE462.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE47.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE47A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE48C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE495.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE4A0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE4B0.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE4D6.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE5E3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE61C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE681.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE6A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE6D1.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE6F6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE726.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE778.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE77A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE79.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE7DE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE825.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE835.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE894.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE8A.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE8A7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE8AA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE8D4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE91D.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE931.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE97D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE99C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE9D8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE9F.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHE9F8.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEA0E.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEA41.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEA61.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEAA6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEAAA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEAF9.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEB31.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEBA2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEBAF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEBD.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEBDF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEC9A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHED42.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHED43.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHED9B.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEDB.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEDCA.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEDE5.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEDE7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEE52.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEE7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEEA2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEEC6.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF15.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF26.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF45.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF5F.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF6A.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF6C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHEF8C.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF001.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF015.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF019.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF086.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF09D.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF0B1.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF0EB.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF0F7.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF114.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF124.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF197.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF1C4.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF1FE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF2.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF203.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF219.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF21C.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF220.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF238.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF25E.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF2D8.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF3AE.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF3BE.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF3D3.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF416.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF451.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF474.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF477.tmp a variant of Win32/Kryptik.IFV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF4AF.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF4D7.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
    C:\Users\Krystal\AppData\Local\temp\DWHF4FC.tmp a variant of Win32/Olmarik.AHV trojan (unable to clean) 00000000000000000000000000000000 I
  24. kryspy99

    kryspy99 Newcomer, in training Topic Starter Posts: 26

    eset logfile

    I just tried to add more of the log file but the techspot website says it is a duplicate. So I am attaching the log file from eset to this post. There is probably 2 more postings worth of the logf ile that i are not in the posts.

    I asked the other user and nothing has been downloaded however, itunes is set to automatically download from npr and another source.

    Attached Files:

    • log.txt
      File size:
      185.5 KB
      Views:
      1
  25. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +35

    Regarding the following files
    C:\Users\Shane\AppData\Local\temp\DWH*.tmp
    C:\Users\Krystal\AppData\Local\temp\DWH*.tmp


    According to Symantec and posts from users, this problem has been going on for 3 years. Two document URLs left by Symantec are no longer available.

    It is thought that this massive number of entries showing as malware in the temp files is being caused by the DWHWizard.exe that Symantic uses to update its virus definition when it attempts to update and then the scan engine is mistaking them as trojans. Many Norton users on several Symantec forums are reporting this problem.

    You can find the cause and patch on this Symantec Page.

    It appears that the entries are actually False Positives in that they are not Generic Trojans. IF the patch does not delete the files currently on the machine, please run this but note unless you get the patch, they will recur. It would seem that Symantec/Norton isn't very timely in fixing problems their programs cause. Your attention, for information only, can be found in the 3 year discussion in the Norton Forum.
    ==========================================
    Please download OTMovit by Old Timer and save to your desktop.
    • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      Code:
      :Processes	
      
      :Files  
      C:\Users\Shane\AppData\Local\temp\DWH*.tmp
      C:\Users\Krystal\AppData\Local\temp\DWH*.tmp
      
      :Commands
      [purity]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3
    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.