ADIRKA - log ke kontrole

gnaver · Příspěvekod **gnaver** » 17 bře 2007 17:41

tak sem nechal cleaner smazat ty soubory i opravit chyby v registru a ten icesword zadnou chybu nenasel, a poradis mi este jak se uplne zbavit toho viru co mam ted ulozenej v tom SDfixu v backup?

Reklama

Příspěvekod **fredik** » 17 bře 2007 19:03

Sice jsem tam doslova nenapsal ale vlož sem ty dva logy z IceSwordu.

gnaver · Příspěvekod **gnaver** » 17 bře 2007 19:06

Process:

System Idle Process
System
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\IceSword120_en\IceSword.exe
C:\WINDOWS\system32\alg.exe
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TraMet\TraMet.exe
C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
C:\WINDOWS\mixer.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
E:\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\Internet Explorer\iexplore.exe

Kernel Module:

\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
sptd.sys
\WINDOWS\System32\Drivers\WMILIB.SYS
\WINDOWS\System32\Drivers\SPTD5693.SYS
ACPI.sys
pci.sys
isapnp.sys
viaide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\System32\DRIVERS\amdk7.sys
\SystemRoot\System32\DRIVERS\nv4_mini.sys
\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\drivers\cmaudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\System32\DRIVERS\RTL8139.SYS
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\System32\Drivers\cdrbsdrv.SYS
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\Drivers\dtscsi.sys
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\DRIVERS\i8042prt.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\msmpu401.sys
\SystemRoot\System32\DRIVERS\gameenum.sys
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\psched.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\System32\DRIVERS\ipnat.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\System32\Drivers\Aavmker4.SYS
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\DRIVERS\ndisuio.sys
\SystemRoot\System32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\System32\Drivers\aswMon2.SYS
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\aswRdr.SYS
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\system32\drivers\splitter.sys
\??\D:\Kuba\Lineage2\system\npkcrypt.sys
\SystemRoot\System32\Drivers\IsDrv120.sys
\WINDOWS\system32\ntdll.dll

gnaver · Příspěvekod **gnaver** » 18 bře 2007 18:54

mam delat neco dal? ted mam ten vir v SD fixu v backups tak pls porad frediku :)

sakiri · Příspěvekod **sakiri** » 19 bře 2007 07:29

Tu zálohu SDfixu můžeš smazat.

Ale trošku více mě překvapilo že jsi tam měl Stration/Warezov a v logu vidět nebyla ale combofix ji zlikvidoval.

Víc mě ale vrtá hlavou ta knihovna kterou jsi měl otestovat je čistá ale na jedné stránce figuruje jako šmejd Stration/Warezov.

Bude to více netradiční postup.

Stáhni si avenger a spusť ho pod účtem administrátora.

Zaškrtni volbu - Input script manually vyskočí prázdné okno kam zkopíruj ten text v tom bílém rámečku.
script najdeš zde

Poté co ten celý script zkopíruješ klikni na Done.
Pak klikni na ikonku semafory vyskočí hláška kde odklikni Yes poté další hláška kde odklikni Yes.
PC se restartuje.
Po restartu by ti měl vyběhnout log z avengeru a zkopíruj sem ho.(vím že ten script je dlouhý ale přesto by to bylo vhod to sem zkopírovat.)

Doufám že to chápeš kdy jsi něčemu nerozuměl tak se ptej.

+
nech zkontrolovat tyto dva soubory také na virustotalu:
C:\WINDOWS\system32\sporder.dll
C:\WINDOWS\via.exe

Zapni si - Zobrazovat skryté a systémové soubory.
A zkopíruj sem výsledky.

+ sem dej nový log z combofixu.

Na ten log z Iceswordu se podívám když tak později pokud to neudělá někdo dřív.

gnaver · Příspěvekod **gnaver** » 19 bře 2007 15:18

sporded.dll z virustotalu

AhnLab-V3 2007.3.20.0 03.19.2007 no virus found
AntiVir 7.3.1.43 03.19.2007 no virus found
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.19.2007 no virus found
AVG 7.5.0.447 03.19.2007 no virus found
BitDefender 7.2 03.19.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV devel-20070312 03.19.2007 no virus found
DrWeb 4.33 03.19.2007 no virus found
eSafe 7.0.14.0 03.19.2007 no virus found
eTrust-Vet 30.6.3491 03.19.2007 no virus found
Ewido 4.0 03.19.2007 no virus found
FileAdvisor 1 03.19.2007 No threat detected
Fortinet 2.85.0.0 03.19.2007 no virus found
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.19.2007 no virus found
Ikarus T3.1.1.3 03.19.2007 no virus found
Kaspersky 4.0.2.24 03.19.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.19.2007 no virus found
NOD32v2 2126 03.19.2007 no virus found
Norman 5.80.02 03.19.2007 no virus found
Panda 9.0.0.4 03.19.2007 no virus found
Prevx1 V2 03.19.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.19.2007 no virus found
TheHacker 6.1.6.077 03.19.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.18.2007 no virus found
VirusBuster 4.3.7:9 03.19.2007 no virus found

Aditional Information
File size: 8704 bytes
MD5: a082e5473b2a9a4d846ed7ddf637ac76
SHA1: 1703f7969a6e76f8458eda3e8e40fd115c0bfdc3
Bit9 info: http://fileadvisor.bit9.com/services/ex ... ddf637ac76

gnaver · Příspěvekod **gnaver** » 19 bře 2007 15:28

novej combofix

"Kuba" - 07-03-19 15:26:54 Service Pack 2
ComboFix 07-03-15.2 - Running from: "E:\"

((((((((((((((((((((((((((((((( Files Created from 2007-02-19 to 2007-03-19 ))))))))))))))))))))))))))))))))))

2007-03-17 17:15 <DIR> d-------- C:\Program Files\Yahoo!
2007-03-17 17:15 <DIR> d-------- C:\Program Files\CCleaner
2007-03-16 20:32 11 --a------ C:\WINDOWS\system32\uiqzmticq.dll
2007-03-16 19:08 8,704 --a------ C:\WINDOWS\system32\sporder.dll
2007-03-16 19:08 58,501 --a------ C:\WINDOWS\via.exe
2007-03-08 14:45 <DIR> d-------- C:\Program Files\QIP
2007-02-25 16:21 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-02-25 16:11 <DIR> d-------- C:\Program Files\Native Instruments
2007-02-22 13:56 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-02-21 14:49 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2007-02-21 14:45 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-02-21 14:45 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-02-21 14:43 94,064 --a------ C:\WINDOWS\system32\drivers\k510mdm.sys
2007-02-21 14:43 85,408 --a------ C:\WINDOWS\system32\drivers\k510mgmt.sys
2007-02-21 14:43 83,344 --a------ C:\WINDOWS\system32\drivers\k510obex.sys
2007-02-21 14:43 8,336 --a------ C:\WINDOWS\system32\drivers\k510mdfl.sys
2007-02-21 14:43 6,176 --a------ C:\WINDOWS\system32\drivers\k510cmnt.sys
2007-02-21 14:43 6,176 --a------ C:\WINDOWS\system32\drivers\k510cm.sys
2007-02-21 14:43 58,288 --a------ C:\WINDOWS\system32\drivers\k510bus.sys
2007-02-21 14:43 5,808 --a------ C:\WINDOWS\system32\drivers\k510whnt.sys
2007-02-21 14:43 5,808 --a------ C:\WINDOWS\system32\drivers\k510wh.sys
2007-02-21 14:43 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-02-21 14:42 <DIR> d-------- C:\WINDOWS\Downloaded Installations

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-03-18 21:27 -------- d-------- C:\Program Files\quicktime
2007-03-18 21:27 -------- d-------- C:\Program Files\quicktime
2007-03-16 19:36 -------- d-------- C:\Program Files\save
2007-03-16 19:36 -------- d-------- C:\Program Files\save
2007-03-07 18:47 -------- d-------- C:\Program Files\icqlite
2007-03-07 18:47 -------- d-------- C:\Program Files\icqlite
2007-02-23 20:25 -------- d-------- C:\Program Files\lineageii
2007-02-23 20:25 -------- d-------- C:\Program Files\lineageii
2007-02-21 14:50 73506 --a------ C:\WINDOWS\system32\perfc005.dat
2007-02-21 14:50 398250 --a------ C:\WINDOWS\system32\perfh005.dat
2007-02-02 21:16 -------- d--h----- C:\Program Files\installshield installation information
2007-02-02 21:16 -------- d--h----- C:\Program Files\installshield installation information
2007-01-25 17:00 -------- d-------- C:\Program Files\finepixviewer
2007-01-25 17:00 -------- d-------- C:\Program Files\finepixviewer
2007-01-24 18:36 -------- d-------- C:\Program Files\microsoft games
2007-01-24 18:36 -------- d-------- C:\Program Files\microsoft games
2007-01-15 18:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
2007-01-15 18:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
2007-01-15 17:52 98304 --a------ C:\WINDOWS\system32\cmdlineext.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NVMCTRAY.DLL,NvTaskbarInit"
"WhenUSave"="\"C:\\Program Files\\Save\\Save.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"TraMet"="C:\\Program Files\\TraMet\\TraMet.exe"
"C-Media Echo Control"="C:\\Program Files\\PCI Audio Applications\\Bin\\EchoCtrl.exe"
"C-Media Mixer"="Mixer.exe /startup"
"DAEMON Tools"="\"E:\\DAEMON Tools\\daemon.exe\" -lang 1033"
"REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ICQLite"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ICQLite\\ICQLite.exe\" -minimize"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-19 15:28:08
C:\ComboFix2.txt ... 07-03-17 13:11
C:\ComboFix3.txt ... 07-03-17 13:02

gnaver · Příspěvekod **gnaver** » 19 bře 2007 15:29

via.exe z virustotalu ale je to jen cast pak se to nak zastavilo

AhnLab-V3 2007.3.20.0 03.19.2007 no virus found
AntiVir 7.3.1.43 03.19.2007 WORM/Zhelatin.Gen
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.19.2007 no virus found
AVG 7.5.0.447 03.19.2007 Downloader.Tibs.4.I
BitDefender 7.2 03.19.2007 GenPack:Trojan.Peed.IK
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV devel-20070312 03.19.2007 Trojan.Small-1443
DrWeb 4.33 03.19.2007 Trojan.Packed.55
eSafe 7.0.14.0 03.19.2007 Suspicious Trojan/Worm
eTrust-Vet 30.6.3491 03.19.2007 Win32/Sinteri.BE
Ewido 4.0 03.19.2007 Worm.Zhelatin.bl
FileAdvisor 1 03.19.2007 no virus found
Fortinet 2.85.0.0 03.19.2007 W32/Tibs.LB@mm
F-Prot 4.3.1.45 03.17.2007 no virus found

Aditional Information
File size: 58501 bytes
MD5: 976246b67a1b83a21c67b84e1a5036ca
SHA1: 84dedc4f2e84f12e6046a6607c10901c1d277eb9

gnaver · Příspěvekod **gnaver** » 19 bře 2007 15:34

vysledek avangera

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\finbuvhy

*******************

Script file located at: \??\C:\WINDOWS\mctgmldu.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\Temp\tmpf5 not found!
Deletion of file C:\WINDOWS\Temp\tmpf5 failed!

Could not process line:
C:\WINDOWS\Temp\tmpf5
Status: 0xc0000034

File C:\WINDOWS\atmcfg.tmp not found!
Deletion of file C:\WINDOWS\atmcfg.tmp failed!

Could not process line:
C:\WINDOWS\atmcfg.tmp
Status: 0xc0000034

File C:\WINDOWS\attcfg.tmp not found!
Deletion of file C:\WINDOWS\attcfg.tmp failed!

Could not process line:
C:\WINDOWS\attcfg.tmp
Status: 0xc0000034

File C:\WINDOWS\avistat.tmp not found!
Deletion of file C:\WINDOWS\avistat.tmp failed!

Could not process line:
C:\WINDOWS\avistat.tmp
Status: 0xc0000034

File C:\WINDOWS\brwcfg.tmp not found!
Deletion of file C:\WINDOWS\brwcfg.tmp failed!

Could not process line:
C:\WINDOWS\brwcfg.tmp
Status: 0xc0000034

File C:\WINDOWS\concfg.tmp not found!
Deletion of file C:\WINDOWS\concfg.tmp failed!

Could not process line:
C:\WINDOWS\concfg.tmp
Status: 0xc0000034

File C:\WINDOWS\egadata.tmp not found!
Deletion of file C:\WINDOWS\egadata.tmp failed!

Could not process line:
C:\WINDOWS\egadata.tmp
Status: 0xc0000034

File C:\WINDOWS\dbmdata.tmp not found!
Deletion of file C:\WINDOWS\dbmdata.tmp failed!

Could not process line:
C:\WINDOWS\dbmdata.tmp
Status: 0xc0000034

File C:\WINDOWS\sc.tmp not found!
Deletion of file C:\WINDOWS\sc.tmp failed!

Could not process line:
C:\WINDOWS\sc.tmp
Status: 0xc0000034

File C:\WINDOWS\sc.xml1 not found!
Deletion of file C:\WINDOWS\sc.xml1 failed!

Could not process line:
C:\WINDOWS\sc.xml1
Status: 0xc0000034

File C:\WINDOWS\tj7jec.tmp not found!
Deletion of file C:\WINDOWS\tj7jec.tmp failed!

Could not process line:
C:\WINDOWS\tj7jec.tmp
Status: 0xc0000034

File C:\WINDOWS\d5txeh9i.bmp not found!
Deletion of file C:\WINDOWS\d5txeh9i.bmp failed!

Could not process line:
C:\WINDOWS\d5txeh9i.bmp
Status: 0xc0000034

File C:\WINDOWS\b6iqdkku.scf not found!
Deletion of file C:\WINDOWS\b6iqdkku.scf failed!

Could not process line:
C:\WINDOWS\b6iqdkku.scf
Status: 0xc0000034

File C:\WINDOWS\jw9ucgel.scf not found!
Deletion of file C:\WINDOWS\jw9ucgel.scf failed!

Could not process line:
C:\WINDOWS\jw9ucgel.scf
Status: 0xc0000034

File C:\WINDOWS\k6jb7v.scf not found!
Deletion of file C:\WINDOWS\k6jb7v.scf failed!

Could not process line:
C:\WINDOWS\k6jb7v.scf
Status: 0xc0000034

File C:\WINDOWS\c6wsq6.reg not found!
Deletion of file C:\WINDOWS\c6wsq6.reg failed!

Could not process line:
C:\WINDOWS\c6wsq6.reg
Status: 0xc0000034

File C:\WINDOWS\cesm9q.reg not found!
Deletion of file C:\WINDOWS\cesm9q.reg failed!

Could not process line:
C:\WINDOWS\cesm9q.reg
Status: 0xc0000034

File C:\WINDOWS\eevmwk.reg not found!
Deletion of file C:\WINDOWS\eevmwk.reg failed!

Could not process line:
C:\WINDOWS\eevmwk.reg
Status: 0xc0000034

File C:\WINDOWS\f3da8e.reg not found!
Deletion of file C:\WINDOWS\f3da8e.reg failed!

Could not process line:
C:\WINDOWS\f3da8e.reg
Status: 0xc0000034

File C:\WINDOWS\hnwjp41c.reg not found!
Deletion of file C:\WINDOWS\hnwjp41c.reg failed!

Could not process line:
C:\WINDOWS\hnwjp41c.reg
Status: 0xc0000034

File C:\WINDOWS\in0r6hai.reg not found!
Deletion of file C:\WINDOWS\in0r6hai.reg failed!

Could not process line:
C:\WINDOWS\in0r6hai.reg
Status: 0xc0000034

File C:\WINDOWS\brwmark.ini not found!
Deletion of file C:\WINDOWS\brwmark.ini failed!

Could not process line:
C:\WINDOWS\brwmark.ini
Status: 0xc0000034

File C:\WINDOWS\dqpdroc.ini not found!
Deletion of file C:\WINDOWS\dqpdroc.ini failed!

Could not process line:
C:\WINDOWS\dqpdroc.ini
Status: 0xc0000034

File C:\WINDOWS\gjo2qi.ini not found!
Deletion of file C:\WINDOWS\gjo2qi.ini failed!

Could not process line:
C:\WINDOWS\gjo2qi.ini
Status: 0xc0000034

File C:\WINDOWS\xt2in5uk.ini not found!
Deletion of file C:\WINDOWS\xt2in5uk.ini failed!

Could not process line:
C:\WINDOWS\xt2in5uk.ini
Status: 0xc0000034

File C:\WINDOWS\accm.exe not found!
Deletion of file C:\WINDOWS\accm.exe failed!

Could not process line:
C:\WINDOWS\accm.exe
Status: 0xc0000034

File C:\WINDOWS\ais32.exe not found!
Deletion of file C:\WINDOWS\ais32.exe failed!

Could not process line:
C:\WINDOWS\ais32.exe
Status: 0xc0000034

File C:\WINDOWS\alerter.exe not found!
Deletion of file C:\WINDOWS\alerter.exe failed!

Could not process line:
C:\WINDOWS\alerter.exe
Status: 0xc0000034

File C:\WINDOWS\aorvno91m.txt not found!
Deletion of file C:\WINDOWS\aorvno91m.txt failed!

Could not process line:
C:\WINDOWS\aorvno91m.txt
Status: 0xc0000034

File C:\WINDOWS\cc1.exe not found!
Deletion of file C:\WINDOWS\cc1.exe failed!

Could not process line:
C:\WINDOWS\cc1.exe
Status: 0xc0000034

File C:\WINDOWS\cc2.exe not found!
Deletion of file C:\WINDOWS\cc2.exe failed!

Could not process line:
C:\WINDOWS\cc2.exe
Status: 0xc0000034

File C:\WINDOWS\cc3.exe not found!
Deletion of file C:\WINDOWS\cc3.exe failed!

Could not process line:
C:\WINDOWS\cc3.exe
Status: 0xc0000034

File C:\WINDOWS\cc4.exe not found!
Deletion of file C:\WINDOWS\cc4.exe failed!

Could not process line:
C:\WINDOWS\cc4.exe
Status: 0xc0000034

File C:\WINDOWS\cc5.exe not found!
Deletion of file C:\WINDOWS\cc5.exe failed!

Could not process line:
C:\WINDOWS\cc5.exe
Status: 0xc0000034

File C:\WINDOWS\chater.exe not found!
Deletion of file C:\WINDOWS\chater.exe failed!

Could not process line:
C:\WINDOWS\chater.exe
Status: 0xc0000034

File C:\WINDOWS\cknxj2wno.log not found!
Deletion of file C:\WINDOWS\cknxj2wno.log failed!

Could not process line:
C:\WINDOWS\cknxj2wno.log
Status: 0xc0000034

File C:\WINDOWS\csrsd.exe not found!
Deletion of file C:\WINDOWS\csrsd.exe failed!

Could not process line:
C:\WINDOWS\csrsd.exe
Status: 0xc0000034

File C:\WINDOWS\ccsserv.exe not found!
Deletion of file C:\WINDOWS\ccsserv.exe failed!

Could not process line:
C:\WINDOWS\ccsserv.exe
Status: 0xc0000034

File C:\WINDOWS\ccsserv.dat not found!
Deletion of file C:\WINDOWS\ccsserv.dat failed!

Could not process line:
C:\WINDOWS\ccsserv.dat
Status: 0xc0000034

File C:\WINDOWS\eba2h6cc.dat not found!
Deletion of file C:\WINDOWS\eba2h6cc.dat failed!

Could not process line:
C:\WINDOWS\eba2h6cc.dat
Status: 0xc0000034

File C:\WINDOWS\f8or9s.exe not found!
Deletion of file C:\WINDOWS\f8or9s.exe failed!

Could not process line:
C:\WINDOWS\f8or9s.exe
Status: 0xc0000034

File C:\WINDOWS\ftg71cj1qx.dat not found!
Deletion of file C:\WINDOWS\ftg71cj1qx.dat failed!

Could not process line:
C:\WINDOWS\ftg71cj1qx.dat
Status: 0xc0000034

File C:\WINDOWS\fwall32.dat not found!
Deletion of file C:\WINDOWS\fwall32.dat failed!

Could not process line:
C:\WINDOWS\fwall32.dat
Status: 0xc0000034

File C:\WINDOWS\gn3kud5.log not found!
Deletion of file C:\WINDOWS\gn3kud5.log failed!

Could not process line:
C:\WINDOWS\gn3kud5.log
Status: 0xc0000034

File C:\WINDOWS\hv4e05.dll not found!
Deletion of file C:\WINDOWS\hv4e05.dll failed!

Could not process line:
C:\WINDOWS\hv4e05.dll
Status: 0xc0000034

File C:\WINDOWS\kheu93.dll not found!
Deletion of file C:\WINDOWS\kheu93.dll failed!

Could not process line:
C:\WINDOWS\kheu93.dll
Status: 0xc0000034

File C:\WINDOWS\jestertb.dll not found!
Deletion of file C:\WINDOWS\jestertb.dll failed!

Could not process line:
C:\WINDOWS\jestertb.dll
Status: 0xc0000034

File C:\WINDOWS\md2icut9a2.dll not found!
Deletion of file C:\WINDOWS\md2icut9a2.dll failed!

Could not process line:
C:\WINDOWS\md2icut9a2.dll
Status: 0xc0000034

File C:\WINDOWS\msout.exe not found!
Deletion of file C:\WINDOWS\msout.exe failed!

Could not process line:
C:\WINDOWS\msout.exe
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.exe not found!
Deletion of file C:\WINDOWS\msupdtwiz.exe failed!

Could not process line:
C:\WINDOWS\msupdtwiz.exe
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.c not found!
Deletion of file C:\WINDOWS\msupdtwiz.c failed!

Could not process line:
C:\WINDOWS\msupdtwiz.c
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.s not found!
Deletion of file C:\WINDOWS\msupdtwiz.s failed!

Could not process line:
C:\WINDOWS\msupdtwiz.s
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.z not found!
Deletion of file C:\WINDOWS\msupdtwiz.z failed!

Could not process line:
C:\WINDOWS\msupdtwiz.z
Status: 0xc0000034

File C:\WINDOWS\msupdtwiz.dat not found!
Deletion of file C:\WINDOWS\msupdtwiz.dat failed!

Could not process line:
C:\WINDOWS\msupdtwiz.dat
Status: 0xc0000034

File C:\WINDOWS\nmac32.exe not found!
Deletion of file C:\WINDOWS\nmac32.exe failed!

Could not process line:
C:\WINDOWS\nmac32.exe
Status: 0xc0000034

File C:\WINDOWS\np8dbq.exe not found!
Deletion of file C:\WINDOWS\np8dbq.exe failed!

Could not process line:
C:\WINDOWS\np8dbq.exe
Status: 0xc0000034

File C:\WINDOWS\npad32.dat not found!
Deletion of file C:\WINDOWS\npad32.dat failed!

Could not process line:
C:\WINDOWS\npad32.dat
Status: 0xc0000034

File C:\WINDOWS\odfvf.dat not found!
Deletion of file C:\WINDOWS\odfvf.dat failed!

Could not process line:
C:\WINDOWS\odfvf.dat
Status: 0xc0000034

File C:\WINDOWS\reggserv.dat not found!
Deletion of file C:\WINDOWS\reggserv.dat failed!

Could not process line:
C:\WINDOWS\reggserv.dat
Status: 0xc0000034

File C:\WINDOWS\rmtemp~.exe not found!
Deletion of file C:\WINDOWS\rmtemp~.exe failed!

Could not process line:
C:\WINDOWS\rmtemp~.exe
Status: 0xc0000034

File C:\WINDOWS\semr8u8j8n.dll not found!
Deletion of file C:\WINDOWS\semr8u8j8n.dll failed!

Could not process line:
C:\WINDOWS\semr8u8j8n.dll
Status: 0xc0000034

File C:\WINDOWS\serrv.c not found!
Deletion of file C:\WINDOWS\serrv.c failed!

Could not process line:
C:\WINDOWS\serrv.c
Status: 0xc0000034

File C:\WINDOWS\serrv.exe not found!
Deletion of file C:\WINDOWS\serrv.exe failed!

Could not process line:
C:\WINDOWS\serrv.exe
Status: 0xc0000034

File C:\WINDOWS\serrv.wax not found!
Deletion of file C:\WINDOWS\serrv.wax failed!

Could not process line:
C:\WINDOWS\serrv.wax
Status: 0xc0000034

File C:\WINDOWS\serrv.dat not found!
Deletion of file C:\WINDOWS\serrv.dat failed!

Could not process line:
C:\WINDOWS\serrv.dat
Status: 0xc0000034

File C:\WINDOWS\serv.exe not found!
Deletion of file C:\WINDOWS\serv.exe failed!

Could not process line:
C:\WINDOWS\serv.exe
Status: 0xc0000034

File C:\WINDOWS\serv.wax not found!
Deletion of file C:\WINDOWS\serv.wax failed!

Could not process line:
C:\WINDOWS\serv.wax
Status: 0xc0000034

File C:\WINDOWS\smm126.exe not found!
Deletion of file C:\WINDOWS\smm126.exe failed!

Could not process line:
C:\WINDOWS\smm126.exe
Status: 0xc0000034

File C:\WINDOWS\spoolsrv.exe not found!
Deletion of file C:\WINDOWS\spoolsrv.exe failed!

Could not process line:
C:\WINDOWS\spoolsrv.exe
Status: 0xc0000034

File C:\WINDOWS\spow32.exe not found!
Deletion of file C:\WINDOWS\spow32.exe failed!

Could not process line:
C:\WINDOWS\spow32.exe
Status: 0xc0000034

File C:\WINDOWS\sqhost.exe not found!
Deletion of file C:\WINDOWS\sqhost.exe failed!

Could not process line:
C:\WINDOWS\sqhost.exe
Status: 0xc0000034

File C:\WINDOWS\sqhost.wax not found!
Deletion of file C:\WINDOWS\sqhost.wax failed!

Could not process line:
C:\WINDOWS\sqhost.wax
Status: 0xc0000034

File C:\WINDOWS\sqhost.c not found!
Deletion of file C:\WINDOWS\sqhost.c failed!

Could not process line:
C:\WINDOWS\sqhost.c
Status: 0xc0000034

File C:\WINDOWS\sqhost.s not found!
Deletion of file C:\WINDOWS\sqhost.s failed!

Could not process line:
C:\WINDOWS\sqhost.s
Status: 0xc0000034

File C:\WINDOWS\sqhost.z not found!
Deletion of file C:\WINDOWS\sqhost.z failed!

Could not process line:
C:\WINDOWS\sqhost.z
Status: 0xc0000034

File C:\WINDOWS\sqhost.dat not found!
Deletion of file C:\WINDOWS\sqhost.dat failed!

Could not process line:
C:\WINDOWS\sqhost.dat
Status: 0xc0000034

File C:\WINDOWS\sqhos32.dat not found!
Deletion of file C:\WINDOWS\sqhos32.dat failed!

Could not process line:
C:\WINDOWS\sqhos32.dat
Status: 0xc0000034

File C:\WINDOWS\sserrvv.exe not found!
Deletion of file C:\WINDOWS\sserrvv.exe failed!

Could not process line:
C:\WINDOWS\sserrvv.exe
Status: 0xc0000034

File C:\WINDOWS\sserrvv.wax not found!
Deletion of file C:\WINDOWS\sserrvv.wax failed!

Could not process line:
C:\WINDOWS\sserrvv.wax
Status: 0xc0000034

File C:\WINDOWS\sserrvv.c not found!
Deletion of file C:\WINDOWS\sserrvv.c failed!

Could not process line:
C:\WINDOWS\sserrvv.c
Status: 0xc0000034

File C:\WINDOWS\sserrvv.s not found!
Deletion of file C:\WINDOWS\sserrvv.s failed!

Could not process line:
C:\WINDOWS\sserrvv.s
Status: 0xc0000034

File C:\WINDOWS\sserrvv.z not found!
Deletion of file C:\WINDOWS\sserrvv.z failed!

Could not process line:
C:\WINDOWS\sserrvv.z
Status: 0xc0000034

File C:\WINDOWS\t2serv.dll not found!
Deletion of file C:\WINDOWS\t2serv.dll failed!

Could not process line:
C:\WINDOWS\t2serv.dll
Status: 0xc0000034

File C:\WINDOWS\t2serv.s not found!
Deletion of file C:\WINDOWS\t2serv.s failed!

Could not process line:
C:\WINDOWS\t2serv.s
Status: 0xc0000034

File C:\WINDOWS\t2serv.wax not found!
Deletion of file C:\WINDOWS\t2serv.wax failed!

Could not process line:
C:\WINDOWS\t2serv.wax
Status: 0xc0000034

File C:\WINDOWS\tpup.wax not found!
Deletion of file C:\WINDOWS\tpup.wax failed!

Could not process line:
C:\WINDOWS\tpup.wax
Status: 0xc0000034

File C:\WINDOWS\tpup.exe not found!
Deletion of file C:\WINDOWS\tpup.exe failed!

Could not process line:
C:\WINDOWS\tpup.exe
Status: 0xc0000034

File C:\WINDOWS\tpup.z not found!
Deletion of file C:\WINDOWS\tpup.z failed!

Could not process line:
C:\WINDOWS\tpup.z
Status: 0xc0000034

File C:\WINDOWS\tpup.dat not found!
Deletion of file C:\WINDOWS\tpup.dat failed!

Could not process line:
C:\WINDOWS\tpup.dat
Status: 0xc0000034

File C:\WINDOWS\twain22.exe not found!
Deletion of file C:\WINDOWS\twain22.exe failed!

Could not process line:
C:\WINDOWS\twain22.exe
Status: 0xc0000034

File C:\WINDOWS\update86.exe not found!
Deletion of file C:\WINDOWS\update86.exe failed!

Could not process line:
C:\WINDOWS\update86.exe
Status: 0xc0000034

File C:\WINDOWS\wqpd32.dat not found!
Deletion of file C:\WINDOWS\wqpd32.dat failed!

Could not process line:
C:\WINDOWS\wqpd32.dat
Status: 0xc0000034

File C:\WINDOWS\system32\40.tmp not found!
Deletion of file C:\WINDOWS\system32\40.tmp failed!

Could not process line:
C:\WINDOWS\system32\40.tmp
Status: 0xc0000034

File C:\WINDOWS\system32\40.tmp.exe not found!
Deletion of file C:\WINDOWS\system32\40.tmp.exe failed!

Could not process line:
C:\WINDOWS\system32\40.tmp.exe
Status: 0xc0000034

File C:\WINDOWS\system32\actidmoc.exe not found!
Deletion of file C:\WINDOWS\system32\actidmoc.exe failed!

Could not process line:
C:\WINDOWS\system32\actidmoc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\alerter.exe not found!
Deletion of file C:\WINDOWS\system32\alerter.exe failed!

Could not process line:
C:\WINDOWS\system32\alerter.exe
Status: 0xc0000034

File C:\WINDOWS\system32\alrsbatt.dll not found!
Deletion of file C:\WINDOWS\system32\alrsbatt.dll failed!

Could not process line:
C:\WINDOWS\system32\alrsbatt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atrconf.exe not found!
Deletion of file C:\WINDOWS\system32\atrconf.exe failed!

Could not process line:
C:\WINDOWS\system32\atrconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\attmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\attmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\attmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\atmperf.exe not found!
Deletion of file C:\WINDOWS\system32\atmperf.exe failed!

Could not process line:
C:\WINDOWS\system32\atmperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\attprf32.dll not found!
Deletion of file C:\WINDOWS\system32\attprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\attprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\attstat.dll not found!
Deletion of file C:\WINDOWS\system32\attstat.dll failed!

Could not process line:
C:\WINDOWS\system32\attstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audconf.exe not found!
Deletion of file C:\WINDOWS\system32\audconf.exe failed!

Could not process line:
C:\WINDOWS\system32\audconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\audmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\audmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\audmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audstat.dll not found!
Deletion of file C:\WINDOWS\system32\audstat.dll failed!

Could not process line:
C:\WINDOWS\system32\audstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audprf32.dll not found!
Deletion of file C:\WINDOWS\system32\audprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\audprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\audperf.exe not found!
Deletion of file C:\WINDOWS\system32\audperf.exe failed!

Could not process line:
C:\WINDOWS\system32\audperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\avifwmer.dll not found!
Deletion of file C:\WINDOWS\system32\avifwmer.dll failed!

Could not process line:
C:\WINDOWS\system32\avifwmer.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwconf.exe not found!
Deletion of file C:\WINDOWS\system32\brwconf.exe failed!

Could not process line:
C:\WINDOWS\system32\brwconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\brwmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\brwmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\brwmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwperf.exe not found!
Deletion of file C:\WINDOWS\system32\brwperf.exe failed!

Could not process line:
C:\WINDOWS\system32\brwperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\brwprf32.dll not found!
Deletion of file C:\WINDOWS\system32\brwprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\brwprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\brwstat.dll not found!
Deletion of file C:\WINDOWS\system32\brwstat.dll failed!

Could not process line:
C:\WINDOWS\system32\brwstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ccfgcscd.exe not found!
Deletion of file C:\WINDOWS\system32\ccfgcscd.exe failed!

Could not process line:
C:\WINDOWS\system32\ccfgcscd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ccfgcscd.dat not found!
Deletion of file C:\WINDOWS\system32\ccfgcscd.dat failed!

Could not process line:
C:\WINDOWS\system32\ccfgcscd.dat
Status: 0xc0000034

File C:\WINDOWS\system32\ccfgcscd.dll not found!
Deletion of file C:\WINDOWS\system32\ccfgcscd.dll failed!

Could not process line:
C:\WINDOWS\system32\ccfgcscd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgd3d.dll not found!
Deletion of file C:\WINDOWS\system32\cfgd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgisr.dll not found!
Deletion of file C:\WINDOWS\system32\cfgisr.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cfgmmprm.dll not found!
Deletion of file C:\WINDOWS\system32\cfgmmprm.dll failed!

Could not process line:
C:\WINDOWS\system32\cfgmmprm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confatm.dll not found!
Deletion of file C:\WINDOWS\system32\confatm.dll failed!

Could not process line:
C:\WINDOWS\system32\confatm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confatt.dll not found!
Deletion of file C:\WINDOWS\system32\confatt.dll failed!

Could not process line:
C:\WINDOWS\system32\confatt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confaud.dll not found!
Deletion of file C:\WINDOWS\system32\confaud.dll failed!

Could not process line:
C:\WINDOWS\system32\confaud.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confbrw.dll not found!
Deletion of file C:\WINDOWS\system32\confbrw.dll failed!

Could not process line:
C:\WINDOWS\system32\confbrw.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confcon.dll not found!
Deletion of file C:\WINDOWS\system32\confcon.dll failed!

Could not process line:
C:\WINDOWS\system32\confcon.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confega.dll not found!
Deletion of file C:\WINDOWS\system32\confega.dll failed!

Could not process line:
C:\WINDOWS\system32\confega.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confifc.dll not found!
Deletion of file C:\WINDOWS\system32\confifc.dll failed!

Could not process line:
C:\WINDOWS\system32\confifc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\confwmv.dll not found!
Deletion of file C:\WINDOWS\system32\confwmv.dll failed!

Could not process line:
C:\WINDOWS\system32\confwmv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\conmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\conmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\conmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\conperf.exe not found!
Deletion of file C:\WINDOWS\system32\conperf.exe failed!

Could not process line:
C:\WINDOWS\system32\conperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\conprf32.dll not found!
Deletion of file C:\WINDOWS\system32\conprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\conprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\constat.dll not found!
Deletion of file C:\WINDOWS\system32\constat.dll failed!

Could not process line:
C:\WINDOWS\system32\constat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cp8xpqj.dll not found!
Deletion of file C:\WINDOWS\system32\cp8xpqj.dll failed!

Could not process line:
C:\WINDOWS\system32\cp8xpqj.dll
Status: 0xc0000034

File C:\WINDOWS\system32\crypds16.dll not found!
Deletion of file C:\WINDOWS\system32\crypds16.dll failed!

Could not process line:
C:\WINDOWS\system32\crypds16.dll
Status: 0xc0000034

File C:\WINDOWS\system32\cssewmpd.exe not found!
Deletion of file C:\WINDOWS\system32\cssewmpd.exe failed!

Could not process line:
C:\WINDOWS\system32\cssewmpd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dbgperf.exe not found!
Deletion of file C:\WINDOWS\system32\dbgperf.exe failed!

Could not process line:
C:\WINDOWS\system32\dbgperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\decconf.exe not found!
Deletion of file C:\WINDOWS\system32\decconf.exe failed!

Could not process line:
C:\WINDOWS\system32\decconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dfssrasc.dll not found!
Deletion of file C:\WINDOWS\system32\dfssrasc.dll failed!

Could not process line:
C:\WINDOWS\system32\dfssrasc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dfssrasc.exe not found!
Deletion of file C:\WINDOWS\system32\dfssrasc.exe failed!

Could not process line:
C:\WINDOWS\system32\dfssrasc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\diagisr.dll not found!
Deletion of file C:\WINDOWS\system32\diagisr.dll failed!

Could not process line:
C:\WINDOWS\system32\diagisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\diagd3d.dll not found!
Deletion of file C:\WINDOWS\system32\diagd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\diagd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\d1agrpd.exe not found!
Deletion of file C:\WINDOWS\system32\d1agrpd.exe failed!

Could not process line:
C:\WINDOWS\system32\d1agrpd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dmimmdt2.exe not found!
Deletion of file C:\WINDOWS\system32\dmimmdt2.exe failed!

Could not process line:
C:\WINDOWS\system32\dmimmdt2.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dpugmswe.dll not found!
Deletion of file C:\WINDOWS\system32\dpugmswe.dll failed!

Could not process line:
C:\WINDOWS\system32\dpugmswe.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dpvacdfv.dll not found!
Deletion of file C:\WINDOWS\system32\dpvacdfv.dll failed!

Could not process line:
C:\WINDOWS\system32\dpvacdfv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\dssconf.exe not found!
Deletion of file C:\WINDOWS\system32\dssconf.exe failed!

Could not process line:
C:\WINDOWS\system32\dssconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmsft3.dll deleted successfully.

File C:\WINDOWS\system32\dxtmmnmd.dat not found!
Deletion of file C:\WINDOWS\system32\dxtmmnmd.dat failed!

Could not process line:
C:\WINDOWS\system32\dxtmmnmd.dat
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmmnmd.exe not found!
Deletion of file C:\WINDOWS\system32\dxtmmnmd.exe failed!

Could not process line:
C:\WINDOWS\system32\dxtmmnmd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\dxtmmnmd.dll not found!
Deletion of file C:\WINDOWS\system32\dxtmmnmd.dll failed!

Could not process line:
C:\WINDOWS\system32\dxtmmnmd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\e1.dll not found!
Deletion of file C:\WINDOWS\system32\e1.dll failed!

Could not process line:
C:\WINDOWS\system32\e1.dll
Status: 0xc0000034

File C:\WINDOWS\system32\egaavi.exe not found!
Deletion of file C:\WINDOWS\system32\egaavi.exe failed!

Could not process line:
C:\WINDOWS\system32\egaavi.exe
Status: 0xc0000034

File C:\WINDOWS\system32\egamgr32.dll not found!
Deletion of file C:\WINDOWS\system32\egamgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\egamgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\egastat.dll not found!
Deletion of file C:\WINDOWS\system32\egastat.dll failed!

Could not process line:
C:\WINDOWS\system32\egastat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\egperf32.dll not found!
Deletion of file C:\WINDOWS\system32\egperf32.dll failed!

Could not process line:
C:\WINDOWS\system32\egperf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\evenncob.dll not found!
Deletion of file C:\WINDOWS\system32\evenncob.dll failed!

Could not process line:
C:\WINDOWS\system32\evenncob.dll
Status: 0xc0000034

File C:\WINDOWS\system32\fpwppgpm.exe not found!
Deletion of file C:\WINDOWS\system32\fpwppgpm.exe failed!

Could not process line:
C:\WINDOWS\system32\fpwppgpm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\fsxsh4.dll not found!
Deletion of file C:\WINDOWS\system32\fsxsh4.dll failed!

Could not process line:
C:\WINDOWS\system32\fsxsh4.dll
Status: 0xc0000034

File C:\WINDOWS\system32\gg32pbms.dll not found!
Deletion of file C:\WINDOWS\system32\gg32pbms.dll failed!

Could not process line:
C:\WINDOWS\system32\gg32pbms.dll
Status: 0xc0000034

File C:\WINDOWS\system32\gtmqf608r7.dll not found!
Deletion of file C:\WINDOWS\system32\gtmqf608r7.dll failed!

Could not process line:
C:\WINDOWS\system32\gtmqf608r7.dll
Status: 0xc0000034

File C:\WINDOWS\system32\hypewmv9.exe not found!
Deletion of file C:\WINDOWS\system32\hypewmv9.exe failed!

Could not process line:
C:\WINDOWS\system32\hypewmv9.exe
Status: 0xc0000034

File C:\WINDOWS\system32\i5u476j8n7.dll not found!
Deletion of file C:\WINDOWS\system32\i5u476j8n7.dll failed!

Could not process line:
C:\WINDOWS\system32\i5u476j8n7.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ifcprf32.dll not found!
Deletion of file C:\WINDOWS\system32\ifcprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\ifcprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ifcstat.dll not found!
Deletion of file C:\WINDOWS\system32\ifcstat.dll failed!

Could not process line:
C:\WINDOWS\system32\ifcstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ifcmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\ifcmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\ifcmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ifcperf.exe not found!
Deletion of file C:\WINDOWS\system32\ifcperf.exe failed!

Could not process line:
C:\WINDOWS\system32\ifcperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\imagalrs.exe not found!
Deletion of file C:\WINDOWS\system32\imagalrs.exe failed!

Could not process line:
C:\WINDOWS\system32\imagalrs.exe
Status: 0xc0000034

File C:\WINDOWS\system32\inetzlco.exe not found!
Deletion of file C:\WINDOWS\system32\inetzlco.exe failed!

Could not process line:
C:\WINDOWS\system32\inetzlco.exe
Status: 0xc0000034

File C:\WINDOWS\system32\inetzlco.dll not found!
Deletion of file C:\WINDOWS\system32\inetzlco.dll failed!

Could not process line:
C:\WINDOWS\system32\inetzlco.dll
Status: 0xc0000034

File C:\WINDOWS\system32\iproplus.dll not found!
Deletion of file C:\WINDOWS\system32\iproplus.dll failed!

Could not process line:
C:\WINDOWS\system32\iproplus.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipsecmon.exe not found!
Deletion of file C:\WINDOWS\system32\ipsecmon.exe failed!

Could not process line:
C:\WINDOWS\system32\ipsecmon.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipsmwebh.exe not found!
Deletion of file C:\WINDOWS\system32\ipsmwebh.exe failed!

Could not process line:
C:\WINDOWS\system32\ipsmwebh.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxpextm.exe not found!
Deletion of file C:\WINDOWS\system32\ipxpextm.exe failed!

Could not process line:
C:\WINDOWS\system32\ipxpextm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\ipxwersv.dll not found!
Deletion of file C:\WINDOWS\system32\ipxwersv.dll failed!

Could not process line:
C:\WINDOWS\system32\ipxwersv.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ipxwshel.exe not found!
Deletion of file C:\WINDOWS\system32\ipxwshel.exe failed!

Could not process line:
C:\WINDOWS\system32\ipxwshel.exe
Status: 0xc0000034

File C:\WINDOWS\system32\isrconf.exe not found!
Deletion of file C:\WINDOWS\system32\isrconf.exe failed!

Could not process line:
C:\WINDOWS\system32\isrconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\isrprov.exe not found!
Deletion of file C:\WINDOWS\system32\isrprov.exe failed!

Could not process line:
C:\WINDOWS\system32\isrprov.exe
Status: 0xc0000034

File C:\WINDOWS\system32\isrprf32.dll not found!
Deletion of file C:\WINDOWS\system32\isrprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\isrprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\iuennwcf.dll not found!
Deletion of file C:\WINDOWS\system32\iuennwcf.dll failed!

Could not process line:
C:\WINDOWS\system32\iuennwcf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ixsswmas.exe not found!
Deletion of file C:\WINDOWS\system32\ixsswmas.exe failed!

Could not process line:
C:\WINDOWS\system32\ixsswmas.exe
Status: 0xc0000034

File C:\WINDOWS\system32\j2t3crh.dll not found!
Deletion of file C:\WINDOWS\system32\j2t3crh.dll failed!

Could not process line:
C:\WINDOWS\system32\j2t3crh.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jfg3awxsgg.pif not found!
Deletion of file C:\WINDOWS\system32\jfg3awxsgg.pif failed!

Could not process line:
C:\WINDOWS\system32\jfg3awxsgg.pif
Status: 0xc0000034

File C:\WINDOWS\system32\jgawmsne.dll not found!
Deletion of file C:\WINDOWS\system32\jgawmsne.dll failed!

Could not process line:
C:\WINDOWS\system32\jgawmsne.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgdwadsn.dll not found!
Deletion of file C:\WINDOWS\system32\jgdwadsn.dll failed!

Could not process line:
C:\WINDOWS\system32\jgdwadsn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\jgdwadsn.exe not found!
Deletion of file C:\WINDOWS\system32\jgdwadsn.exe failed!

Could not process line:
C:\WINDOWS\system32\jgdwadsn.exe
Status: 0xc0000034

File C:\WINDOWS\system32\kbdfwshe.exe not found!
Deletion of file C:\WINDOWS\system32\kbdfwshe.exe failed!

Could not process line:
C:\WINDOWS\system32\kbdfwshe.exe
Status: 0xc0000034

File C:\WINDOWS\system32\kbdcrtut.dll not found!
Deletion of file C:\WINDOWS\system32\kbdcrtut.dll failed!

Could not process line:
C:\WINDOWS\system32\kbdcrtut.dll
Status: 0xc0000034

File C:\WINDOWS\system32\lprmneth.dll not found!
Deletion of file C:\WINDOWS\system32\lprmneth.dll failed!

Could not process line:
C:\WINDOWS\system32\lprmneth.dll
Status: 0xc0000034

File C:\WINDOWS\system32\lprmneth.exe not found!
Deletion of file C:\WINDOWS\system32\lprmneth.exe failed!

Could not process line:
C:\WINDOWS\system32\lprmneth.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mcd3mscm.dll not found!
Deletion of file C:\WINDOWS\system32\mcd3mscm.dll failed!

Could not process line:
C:\WINDOWS\system32\mcd3mscm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mididpnh.dll not found!
Deletion of file C:\WINDOWS\system32\mididpnh.dll failed!

Could not process line:
C:\WINDOWS\system32\mididpnh.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ml7swr.exe not found!
Deletion of file C:\WINDOWS\system32\ml7swr.exe failed!

Could not process line:
C:\WINDOWS\system32\ml7swr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mp4sglmf.dll not found!
Deletion of file C:\WINDOWS\system32\mp4sglmf.dll failed!

Could not process line:
C:\WINDOWS\system32\mp4sglmf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mprmsfma.dll not found!
Deletion of file C:\WINDOWS\system32\mprmsfma.dll failed!

Could not process line:
C:\WINDOWS\system32\mprmsfma.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mqadscp3.exe not found!
Deletion of file C:\WINDOWS\system32\mqadscp3.exe failed!

Could not process line:
C:\WINDOWS\system32\mqadscp3.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msihftpw.dll not found!
Deletion of file C:\WINDOWS\system32\msihftpw.dll failed!

Could not process line:
C:\WINDOWS\system32\msihftpw.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msisnwcf.dll not found!
Deletion of file C:\WINDOWS\system32\msisnwcf.dll failed!

Could not process line:
C:\WINDOWS\system32\msisnwcf.dll
Status: 0xc0000034

File C:\WINDOWS\system32\mspradme.exe not found!
Deletion of file C:\WINDOWS\system32\mspradme.exe failed!

Could not process line:
C:\WINDOWS\system32\mspradme.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msrdtscf.exe not found!
Deletion of file C:\WINDOWS\system32\msrdtscf.exe failed!

Could not process line:
C:\WINDOWS\system32\msrdtscf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.dll not found!
Deletion of file C:\WINDOWS\system32\msrdwint.dll failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.dll
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.dat not found!
Deletion of file C:\WINDOWS\system32\msrdwint.dat failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.dat
Status: 0xc0000034

File C:\WINDOWS\system32\msrdwint.exe not found!
Deletion of file C:\WINDOWS\system32\msrdwint.exe failed!

Could not process line:
C:\WINDOWS\system32\msrdwint.exe
Status: 0xc0000034

File C:\WINDOWS\system32\mstsodbc.exe not found!
Deletion of file C:\WINDOWS\system32\mstsodbc.exe failed!

Could not process line:
C:\WINDOWS\system32\mstsodbc.exe
Status: 0xc0000034

File C:\WINDOWS\system32\narrwshr.dll not found!
Deletion of file C:\WINDOWS\system32\narrwshr.dll failed!

Could not process line:
C:\WINDOWS\system32\narrwshr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\netfrtm.dll not found!
Deletion of file C:\WINDOWS\system32\netfrtm.dll failed!

Could not process line:
C:\WINDOWS\system32\netfrtm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\nmp.log not found!
Deletion of file C:\WINDOWS\system32\nmp.log failed!

Could not process line:
C:\WINDOWS\system32\nmp.log
Status: 0xc0000034

File C:\WINDOWS\system32\offfmsre.dll not found!
Deletion of file C:\WINDOWS\system32\offfmsre.dll failed!

Could not process line:
C:\WINDOWS\system32\offfmsre.dll
Status: 0xc0000034

File C:\WINDOWS\system32\packwlda.exe not found!
Deletion of file C:\WINDOWS\system32\packwlda.exe failed!

Could not process line:
C:\WINDOWS\system32\packwlda.exe
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtforum.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtforum.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtforum.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtwbmail.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtwbmail.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtwbmail.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtsmt.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtsmt.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtsmt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtsmtspm.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtsmtspm.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtsmtspm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtymsg.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtymsg.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtymsg.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtgtal.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtgtal.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtgtal.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmtaim.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmtaim.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmtaim.dll
Status: 0xc0000034

File C:\WINDOWS\system32\pfxzmticq.dll not found!
Deletion of file C:\WINDOWS\system32\pfxzmticq.dll failed!

Could not process line:
C:\WINDOWS\system32\pfxzmticq.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psapdani.dll not found!
Deletion of file C:\WINDOWS\system32\psapdani.dll failed!

Could not process line:
C:\WINDOWS\system32\psapdani.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psbaavic.dll not found!
Deletion of file C:\WINDOWS\system32\psbaavic.dll failed!

Could not process line:
C:\WINDOWS\system32\psbaavic.dll
Status: 0xc0000034

File C:\WINDOWS\system32\psbamtxe.dll not found!
Deletion of file C:\WINDOWS\system32\psbamtxe.dll failed!

Could not process line:
C:\WINDOWS\system32\psbamtxe.dll
Status: 0xc0000034

File C:\WINDOWS\system32\qdvddgrp.exe not found!
Deletion of file C:\WINDOWS\system32\qdvddgrp.exe failed!

Could not process line:
C:\WINDOWS\system32\qdvddgrp.exe
Status: 0xc0000034

File C:\WINDOWS\system32\regaufat.dll not found!
Deletion of file C:\WINDOWS\system32\regaufat.dll failed!

Could not process line:
C:\WINDOWS\system32\regaufat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\rdpwmsjt.exe not found!
Deletion of file C:\WINDOWS\system32\rdpwmsjt.exe failed!

Could not process line:
C:\WINDOWS\system32\rdpwmsjt.exe
Status: 0xc0000034

File C:\WINDOWS\system32\rtutdmin.dll not found!
Deletion of file C:\WINDOWS\system32\rtutdmin.dll failed!

Could not process line:
C:\WINDOWS\system32\rtutdmin.dll
Status: 0xc0000034

File C:\WINDOWS\system32\samsusrr.dll not found!
Deletion of file C:\WINDOWS\system32\samsusrr.dll failed!

Could not process line:
C:\WINDOWS\system32\samsusrr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\samsusrr.exe not found!
Deletion of file C:\WINDOWS\system32\samsusrr.exe failed!

Could not process line:
C:\WINDOWS\system32\samsusrr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\sbeddem.dll not found!
Deletion of file C:\WINDOWS\system32\sbeddem.dll failed!

Could not process line:
C:\WINDOWS\system32\sbeddem.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sbeddem.exe not found!
Deletion of file C:\WINDOWS\system32\sbeddem.exe failed!

Could not process line:
C:\WINDOWS\system32\sbeddem.exe
Status: 0xc0000034

File C:\WINDOWS\system32\sccsumdm.dll not found!
Deletion of file C:\WINDOWS\system32\sccsumdm.dll failed!

Could not process line:
C:\WINDOWS\system32\sccsumdm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sccsumdm.dat not found!
Deletion of file C:\WINDOWS\system32\sccsumdm.dat failed!

Could not process line:
C:\WINDOWS\system32\sccsumdm.dat
Status: 0xc0000034

File C:\WINDOWS\system32\sccsumdm.exe not found!
Deletion of file C:\WINDOWS\system32\sccsumdm.exe failed!

Could not process line:
C:\WINDOWS\system32\sccsumdm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\scp3sdhc.dll not found!
Deletion of file C:\WINDOWS\system32\scp3sdhc.dll failed!

Could not process line:
C:\WINDOWS\system32\scp3sdhc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\scsm.exe not found!
Deletion of file C:\WINDOWS\system32\scsm.exe failed!

Could not process line:
C:\WINDOWS\system32\scsm.exe
Status: 0xc0000034

File C:\WINDOWS\system32\sfxzmtsmt.dll not found!
Deletion of file C:\WINDOWS\system32\sfxzmtsmt.dll failed!

Could not process line:
C:\WINDOWS\system32\sfxzmtsmt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sfxzmtsmtspm.dll not found!
Deletion of file C:\WINDOWS\system32\sfxzmtsmtspm.dll failed!

Could not process line:
C:\WINDOWS\system32\sfxzmtsmtspm.dll
Status: 0xc0000034

File C:\WINDOWS\system32\shsvmdim.dll not found!
Deletion of file C:\WINDOWS\system32\shsvmdim.dll failed!

Could not process line:
C:\WINDOWS\system32\shsvmdim.dll
Status: 0xc0000034

File C:\WINDOWS\system32\slbipsch.dll not found!
Deletion of file C:\WINDOWS\system32\slbipsch.dll failed!

Could not process line:
C:\WINDOWS\system32\slbipsch.dll
Status: 0xc0000034

File C:\WINDOWS\system32\slbipsch.exe not found!
Deletion of file C:\WINDOWS\system32\slbipsch.exe failed!

Could not process line:
C:\WINDOWS\system32\slbipsch.exe
Status: 0xc0000034

File C:\WINDOWS\system32\snmpmmcn.dll not found!
Deletion of file C:\WINDOWS\system32\snmpmmcn.dll failed!

Could not process line:
C:\WINDOWS\system32\snmpmmcn.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ssconfig.exe not found!
Deletion of file C:\WINDOWS\system32\ssconfig.exe failed!

Could not process line:
C:\WINDOWS\system32\ssconfig.exe
Status: 0xc0000034

File C:\WINDOWS\system32\statd3d.dll not found!
Deletion of file C:\WINDOWS\system32\statd3d.dll failed!

Could not process line:
C:\WINDOWS\system32\statd3d.dll
Status: 0xc0000034

File C:\WINDOWS\system32\statisr.dll not found!
Deletion of file C:\WINDOWS\system32\statisr.dll failed!

Could not process line:
C:\WINDOWS\system32\statisr.dll
Status: 0xc0000034

File C:\WINDOWS\system32\strmwin8.dll not found!
Deletion of file C:\WINDOWS\system32\strmwin8.dll failed!

Could not process line:
C:\WINDOWS\system32\strmwin8.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sysshtic.dll not found!
Deletion of file C:\WINDOWS\system32\sysshtic.dll failed!

Could not process line:
C:\WINDOWS\system32\sysshtic.dll
Status: 0xc0000034

File C:\WINDOWS\system32\sysshtic.exe not found!
Deletion of file C:\WINDOWS\system32\sysshtic.exe failed!

Could not process line:
C:\WINDOWS\system32\sysshtic.exe
Status: 0xc0000034

File C:\WINDOWS\system32\trkwpipa.exe not found!
Deletion of file C:\WINDOWS\system32\trkwpipa.exe failed!

Could not process line:
C:\WINDOWS\system32\trkwpipa.exe
Status: 0xc0000034

File C:\WINDOWS\system32\tscfvjoy.dll not found!
Deletion of file C:\WINDOWS\system32\tscfvjoy.dll failed!

Could not process line:
C:\WINDOWS\system32\tscfvjoy.dll
Status: 0xc0000034

File C:\WINDOWS\system32\uiqzmticq.dll deleted successfully.

File C:\WINDOWS\system32\ujn6oqt.dll not found!
Deletion of file C:\WINDOWS\system32\ujn6oqt.dll failed!

Could not process line:
C:\WINDOWS\system32\ujn6oqt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\ulibofff.exe not found!
Deletion of file C:\WINDOWS\system32\ulibofff.exe failed!

Could not process line:
C:\WINDOWS\system32\ulibofff.exe
Status: 0xc0000034

File C:\WINDOWS\system32\uregdeve.dll not found!
Deletion of file C:\WINDOWS\system32\uregdeve.dll failed!

Could not process line:
C:\WINDOWS\system32\uregdeve.dll
Status: 0xc0000034

File C:\WINDOWS\system32\uregdeve.exe not found!
Deletion of file C:\WINDOWS\system32\uregdeve.exe failed!

Could not process line:
C:\WINDOWS\system32\uregdeve.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vb5dmspo.dll not found!
Deletion of file C:\WINDOWS\system32\vb5dmspo.dll failed!

Could not process line:
C:\WINDOWS\system32\vb5dmspo.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vbscqdv.exe not found!
Deletion of file C:\WINDOWS\system32\vbscqdv.exe failed!

Could not process line:
C:\WINDOWS\system32\vbscqdv.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vdshlicw.exe not found!
Deletion of file C:\WINDOWS\system32\vdshlicw.exe failed!

Could not process line:
C:\WINDOWS\system32\vdshlicw.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vmhevnet.dll not found!
Deletion of file C:\WINDOWS\system32\vmhevnet.dll failed!

Could not process line:
C:\WINDOWS\system32\vmhevnet.dll
Status: 0xc0000034

File C:\WINDOWS\system32\vmhevnet.exe not found!
Deletion of file C:\WINDOWS\system32\vmhevnet.exe failed!

Could not process line:
C:\WINDOWS\system32\vmhevnet.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vp31srsv.exe not found!
Deletion of file C:\WINDOWS\system32\vp31srsv.exe failed!

Could not process line:
C:\WINDOWS\system32\vp31srsv.exe
Status: 0xc0000034

File C:\WINDOWS\system32\vp31rpcs.exe not found!
Deletion of file C:\WINDOWS\system32\vp31rpcs.exe failed!

Could not process line:
C:\WINDOWS\system32\vp31rpcs.exe
Status: 0xc0000034

File C:\WINDOWS\system32\w3sskbda.dll not found!
Deletion of file C:\WINDOWS\system32\w3sskbda.dll failed!

Could not process line:
C:\WINDOWS\system32\w3sskbda.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wmvperf.exe not found!
Deletion of file C:\WINDOWS\system32\wmvperf.exe failed!

Could not process line:
C:\WINDOWS\system32\wmvperf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\wmvconf.exe not found!
Deletion of file C:\WINDOWS\system32\wmvconf.exe failed!

Could not process line:
C:\WINDOWS\system32\wmvconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\wmvstat.dll not found!
Deletion of file C:\WINDOWS\system32\wmvstat.dll failed!

Could not process line:
C:\WINDOWS\system32\wmvstat.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wmvmgr32.dll not found!
Deletion of file C:\WINDOWS\system32\wmvmgr32.dll failed!

Could not process line:
C:\WINDOWS\system32\wmvmgr32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wmvprf32.dll not found!
Deletion of file C:\WINDOWS\system32\wmvprf32.dll failed!

Could not process line:
C:\WINDOWS\system32\wmvprf32.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wstdactx.exe not found!
Deletion of file C:\WINDOWS\system32\wstdactx.exe failed!

Could not process line:
C:\WINDOWS\system32\wstdactx.exe
Status: 0xc0000034

File C:\WINDOWS\system32\winbpowr.exe not found!
Deletion of file C:\WINDOWS\system32\winbpowr.exe failed!

Could not process line:
C:\WINDOWS\system32\winbpowr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\wmnecomc.dll not found!
Deletion of file C:\WINDOWS\system32\wmnecomc.dll failed!

Could not process line:
C:\WINDOWS\system32\wmnecomc.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wmpcskdl.dll not found!
Deletion of file C:\WINDOWS\system32\wmpcskdl.dll failed!

Could not process line:
C:\WINDOWS\system32\wmpcskdl.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wmspmsv1.z1 not found!
Deletion of file C:\WINDOWS\system32\wmspmsv1.z1 failed!

Could not process line:
C:\WINDOWS\system32\wmspmsv1.z1
Status: 0xc0000034

File C:\WINDOWS\system32\wshtlprh.dll not found!
Deletion of file C:\WINDOWS\system32\wshtlprh.dll failed!

Could not process line:
C:\WINDOWS\system32\wshtlprh.dll
Status: 0xc0000034

File C:\WINDOWS\system32\wupstlnt.dll not found!
Deletion of file C:\WINDOWS\system32\wupstlnt.dll failed!

Could not process line:
C:\WINDOWS\system32\wupstlnt.dll
Status: 0xc0000034

File C:\WINDOWS\system32\xactcomr.exe not found!
Deletion of file C:\WINDOWS\system32\xactcomr.exe failed!

Could not process line:
C:\WINDOWS\system32\xactcomr.exe
Status: 0xc0000034

File C:\WINDOWS\system32\xpspqdvd.exe not found!
Deletion of file C:\WINDOWS\system32\xpspqdvd.exe failed!

Could not process line:
C:\WINDOWS\system32\xpspqdvd.exe
Status: 0xc0000034

File C:\WINDOWS\system32\xpspqdvd.dat not found!
Deletion of file C:\WINDOWS\system32\xpspqdvd.dat failed!

Could not process line:
C:\WINDOWS\system32\xpspqdvd.dat
Status: 0xc0000034

File C:\WINDOWS\system32\xpspqdvd.dll not found!
Deletion of file C:\WINDOWS\system32\xpspqdvd.dll failed!

Could not process line:
C:\WINDOWS\system32\xpspqdvd.dll
Status: 0xc0000034

File C:\WINDOWS\system32\yapconf.exe not found!
Deletion of file C:\WINDOWS\system32\yapconf.exe failed!

Could not process line:
C:\WINDOWS\system32\yapconf.exe
Status: 0xc0000034

File C:\WINDOWS\system32\zlcocard.dll not found!
Deletion of file C:\WINDOWS\system32\zlcocard.dll failed!

Could not process line:
C:\WINDOWS\system32\zlcocard.dll
Status: 0xc0000034

File C:\WINDOWS\system32\zlcocard.exe not found!
Deletion of file C:\WINDOWS\system32\zlcocard.exe failed!

Could not process line:
C:\WINDOWS\system32\zlcocard.exe
Status: 0xc0000034

Registry value HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs replaced with dummy successfully.

Registry key HKLM\SOFTWARE\Microsoft\attmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\attmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\attmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\attmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\audmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\audmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\audmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\audmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\brwmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\brwmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\brwmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\brwmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\ccfgcscd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\ccfgcscd failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ccfgcscd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ccfgcscd failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\conmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\conmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\conmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\conmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\dbgmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\dbgmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dbgmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dbgmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\decstat not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\decstat failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\decstat not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\decstat failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\dfssrasc not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\dfssrasc failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dfssrasc not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dfssrasc failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\dssmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\dssmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dssmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dssmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\dxtmmnmd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\dxtmmnmd failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dxtmmnmd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dxtmmnmd failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\jgdwadsn not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\jgdwadsn failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jgdwadsn not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jgdwadsn failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\jpgmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\jpgmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jpgmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\jpgmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\lprmneth not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\lprmneth failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\lprmneth not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\lprmneth failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\msrdwint not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\msrdwint failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\msrdwint not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\msrdwint failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\psbamtxe not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\psbamtxe failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psbamtxe not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psbamtxe failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\samsusrr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\samsusrr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\samsusrr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\samsusrr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\sccsumdm not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\sccsumdm failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sccsumdm not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sccsumdm failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\slbipsch not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\slbipsch failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\slbipsch not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\slbipsch failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\sysshtic not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\sysshtic failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sysshtic not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sysshtic failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\uregdeve not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\uregdeve failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\uregdeve not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\uregdeve failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\vmhevnet not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\vmhevnet failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vmhevnet not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vmhevnet failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\wmvmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\wmvmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wmvmgr not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wmvmgr failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\wstdactx not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\wstdactx failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wstdactx not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wstdactx failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\xpspqdvd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\xpspqdvd failed!
Status: 0xc0000034

Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xpspqdvd not found!
Deletion of registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xpspqdvd failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|accm.exe
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|accm.exe failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|atmconf
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|atmconf failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|audiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|audiag failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|brwdiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|brwdiag failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|chater.exe
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|chater.exe failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ciodiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ciodiag failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|davctool
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|davctool failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|egdiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|egdiag failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ifcdiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ifcdiag failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ipxwshel
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ipxwshel failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mac.exe
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mac.exe failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mqadscp3
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mqadscp3 failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mspradme
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|mspradme failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|msupdtwiz
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|msupdtwiz failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|serv
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|serv failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|spoolsrv.exe
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|spoolsrv.exe failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sqhost
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sqhost failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sserrvv
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sserrvv failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|t2serv
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|t2serv failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|tpup
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|tpup failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ulibofff
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ulibofff failed!
Status: 0xc0000034

Could not delete registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|wmvdiag
Deletion of registry value HKLM\Software\Microsoft\Windows\CurrentVersion\Run|wmvdiag failed!
Status: 0xc0000034

Completed script processing.

*******************

Finished! Terminate.

sakiri · Příspěvekod **sakiri** » 19 bře 2007 16:09

ten sporder.dll je v pořádku.

A i když se to zastavilo tak víme že je to šmejd.Tento soubor najdi a smaž:
C:\WINDOWS\via.exe

Ta knihovna byla šmejd ale Avenger ji smazal viz tento řádek:
File C:\WINDOWS\system32\uiqzmticq.dll deleted successfully

Odinstaluj WhenUSave přes přidat/odebrat programy.
Pokud by to nešlo tak najdi smaž tuto složku:
C:\Program Files\Save
A smaž ju.

+ tě opět poprosím o vložení nového logu z combofixu.Ale ten log udělej poté co smažeš via.exe a Save.

gnaver · Příspěvekod **gnaver** » 19 bře 2007 16:16

novy combofix

"Kuba" - 07-03-19 16:14:37 Service Pack 2
ComboFix 07-03-15.2 - Running from: "E:\"

((((((((((((((((((((((((((((((( Files Created from 2007-02-19 to 2007-03-19 ))))))))))))))))))))))))))))))))))

2007-03-19 15:32 <DIR> d-------- C:\avenger
2007-03-17 17:15 <DIR> d-------- C:\Program Files\Yahoo!
2007-03-17 17:15 <DIR> d-------- C:\Program Files\CCleaner
2007-03-16 19:08 8,704 --a------ C:\WINDOWS\system32\sporder.dll
2007-03-08 14:45 <DIR> d-------- C:\Program Files\QIP
2007-02-25 16:21 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-02-25 16:11 <DIR> d-------- C:\Program Files\Native Instruments
2007-02-22 13:56 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-02-21 14:49 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2007-02-21 14:45 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-02-21 14:45 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-02-21 14:43 94,064 --a------ C:\WINDOWS\system32\drivers\k510mdm.sys
2007-02-21 14:43 85,408 --a------ C:\WINDOWS\system32\drivers\k510mgmt.sys
2007-02-21 14:43 83,344 --a------ C:\WINDOWS\system32\drivers\k510obex.sys
2007-02-21 14:43 8,336 --a------ C:\WINDOWS\system32\drivers\k510mdfl.sys
2007-02-21 14:43 6,176 --a------ C:\WINDOWS\system32\drivers\k510cmnt.sys
2007-02-21 14:43 6,176 --a------ C:\WINDOWS\system32\drivers\k510cm.sys
2007-02-21 14:43 58,288 --a------ C:\WINDOWS\system32\drivers\k510bus.sys
2007-02-21 14:43 5,808 --a------ C:\WINDOWS\system32\drivers\k510whnt.sys
2007-02-21 14:43 5,808 --a------ C:\WINDOWS\system32\drivers\k510wh.sys
2007-02-21 14:43 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-02-21 14:42 <DIR> d-------- C:\WINDOWS\Downloaded Installations

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-03-18 21:27 -------- d-------- C:\Program Files\quicktime
2007-03-18 21:27 -------- d-------- C:\Program Files\quicktime
2007-03-07 18:47 -------- d-------- C:\Program Files\icqlite
2007-03-07 18:47 -------- d-------- C:\Program Files\icqlite
2007-02-23 20:25 -------- d-------- C:\Program Files\lineageii
2007-02-23 20:25 -------- d-------- C:\Program Files\lineageii
2007-02-21 14:50 73506 --a------ C:\WINDOWS\system32\perfc005.dat
2007-02-21 14:50 398250 --a------ C:\WINDOWS\system32\perfh005.dat
2007-02-02 21:16 -------- d--h----- C:\Program Files\installshield installation information
2007-02-02 21:16 -------- d--h----- C:\Program Files\installshield installation information
2007-01-25 17:00 -------- d-------- C:\Program Files\finepixviewer
2007-01-25 17:00 -------- d-------- C:\Program Files\finepixviewer
2007-01-24 18:36 -------- d-------- C:\Program Files\microsoft games
2007-01-24 18:36 -------- d-------- C:\Program Files\microsoft games
2007-01-15 18:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
2007-01-15 18:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
2007-01-15 17:52 98304 --a------ C:\WINDOWS\system32\cmdlineext.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NVMCTRAY.DLL,NvTaskbarInit"
"WhenUSave"="\"C:\\Program Files\\Save\\Save.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Program Files\\ICQLite\\ICQLite.exe -trayboot"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"TraMet"="C:\\Program Files\\TraMet\\TraMet.exe"
"C-Media Echo Control"="C:\\Program Files\\PCI Audio Applications\\Bin\\EchoCtrl.exe"
"C-Media Mixer"="Mixer.exe /startup"
"DAEMON Tools"="\"E:\\DAEMON Tools\\daemon.exe\" -lang 1033"
"REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.EXE /AUTORUN"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ICQLite"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\ICQLite\\ICQLite.exe\" -minimize"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_NPKCRYPT

********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-19 16:16:23
C:\ComboFix2.txt ... 07-03-19 15:28
C:\ComboFix3.txt ... 07-03-17 13:11

sakiri · Příspěvekod **sakiri** » 19 bře 2007 17:17

Super měl jsi tam toho víc než ten Zhelatin ale i ty ostatní šmejdi jsou pryč. :bigups:

máš tam nějaké zůstatky v registrech takže pokud to chceš odstranit tak udělej toto:
Restatuj PC do nouzového režimu.

Jelikož registry jsou vždy velice citlivá věc tak udělej zálohu registru při záloze postupuj takhle:
Start -> Spustit (Run) a do volného řádku zkopírovat ten tučně modrý text:
regedit /e c:\registrybackup.reg
a dej enter

Budou se zálohovat registry nemělo by to trvat dlouho.

Teprve když skončí tak udělej toto:
Otevři poznámkový blok a do něj zkopíruj ten to text:

Kód: Vybrat vše

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\dd.exe"=-
"C:\\WINDOWS\\system32\\sm.exe"=-
"C:\\WINDOWS\\system32\\adirss.exe"=-
"C:\\WINDOWS\\system32\\lnwin.exe"=-

Pak dej Soubor (File) -> Uložit jako (Save As) -> jak je Název souboru (File name) tak do toho řádku napiš:fix.reg
Jak je Typ souboru (Save as type) tak tam vyber *všechny soubory (*all files)
A ulož ho na plochu.
Naploše by se měl objevit fix.reg spusť ho vyskočí hláška kde odklikni Ano (Yes) poté je další hláška kde odklikni OK

No a poté restartuj do normálního režimu.

A to je všechno pokud nemá problém.
+ sem zkopíruj pro jistotu nový log z HJT.

ADIRKA - log ke kontrole

Kdo je online