Thread: about blank virus...need help
View Single Post
Old 07-16-2005, 01:12 AM   #4 (permalink)
old hickory
I helped the forums.
 
Join Date: Jul 2005
Posts: 39
OS: XP PRO


Hi Ried,

Only problem I has was finding the rpc helper...I couldn't find it.

I believe everything is much improved....no about.blank nor popups....
My taskbar at bottom of screen still changed but no big deal.

Here is Hijackthis log and ewido report:


Logfile of HijackThis v1.99.1
Scan saved at 1:54:10 AM, on 7/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\hjt\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [SMCSTA.EXE] SMCSTA.EXE START
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\atlrm.exe" C:\WINDOWS\atlpv.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 1:51:35 AM, 7/16/2005
+ Report-Checksum: 1DBAE576

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{07D80144-9372-FEAC-AEDD-21AE8732F067} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1228458E-6B19-48F4-5449-A00AEE93F0FC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B5A2313-AE67-454E-9A8B-F74070E57F1B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3BAA3AE9-9C0B-E08A-A982-9818F457337E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5DA6CA48-7D98-BC0B-40EF-22AC6558668A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{795714A8-C9C0-E8BD-30DB-A0DA3B603993} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{81AE8953-3335-A1BB-5174-F82625372B4E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8DF52E69-BA52-5F6E-2A2A-0CD81E0F3492} -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW -> Spyware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\TIM\Cookies\tim@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\TIM\Cookies\tim@adtrak[1].txt -> Spyware.Cookie.Adtrak : Cleaned with backup
C:\Documents and Settings\TIM\Cookies\tim@familytherapy.net.33473.fb.dbbsrv[2].txt -> Spyware.Cookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\TIM\Local Settings\Temp\Cookies\tim@specificpop[1].txt -> Spyware.Cookie.Specificpop : Cleaned with backup
C:\hjt\backups\backup-20050716-001435-144.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc10.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc11.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc12.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc13.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc14.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc15.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc16.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc17.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc18.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc19.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc2.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc3.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc4.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc5.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc6.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc7.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc8.exe -> Trojan.Agent.bi : Cleaned with backup
C:\RECYCLER\S-1-5-21-687773745-3018675201-3296490199-500\Dc9.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addcd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addet.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addin32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addlc32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addlk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\adduh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apici.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appfl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appha32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appvv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appzq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlpv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlrm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlyi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\CONTROL.INI:tsntw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crjf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crnw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\CS_setup.ini:zfbtj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3ab32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3oc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3wl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\DESKTOP.INI:jwqac -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\disney.ini:ckiif -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\disney.ini:schax -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\DVDSentry.ini:fsqiq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\GRAPH5.INI:ovgac -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\GRAPH5.INI:rvomd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\GRAPH5.INI:wxdyv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iebh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iedd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iedq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iegq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ieml32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ieyq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\INTUIT.INI:odlog -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ipau32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipgv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipia32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iPlayer.INI:gddti -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipnf32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipxj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javabr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javakw.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\javaua32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcdd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcdf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcjm32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\MSFNTMAP.INI:tppiw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msoffice.ini:eojrt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\msol32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mssn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\neteh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netfh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netgt.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netig.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntbtlog.txt:vrgnj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ntkn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntlf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntmn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBC.INI:koizf -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:hifpj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\OEWABLog.txt:gsjxg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\orun32.ini:gdgrc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PI4_setup.ini:skqig -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PROTOCOL.INI:giexe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\PROTOCOL.INI:omrxs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SchedLgU.Txt:yvrtz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\sdkdl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkgj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkms32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkpj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdktv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkuh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkwz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkxi32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SETUPLOG.TXT:ntqzb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysdq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysiz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysmd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM.INI:zuegi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32:uoaa.dll -> TrojanDownloader.Small.azk : Cleaned with backup
C:\WINDOWS\SYSTEM32\addhj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addms.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addnl.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addsx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\addwf32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\addyv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\apibe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\apicx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\apppy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appqo32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\appuq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appwi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\appyu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlcs32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlfu32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlgn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlhh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlom32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\atlzc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crac32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crlw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crpy32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crrm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crss32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crvh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\crvk.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\crwk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3ps32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3ql32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\d3xh.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieak.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ieem.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\iepw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipbc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipbp32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipcn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipen32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipie.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipog.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipot.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipqa.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipxf32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipxh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ipyv.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javaad.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\javacm32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\javacs.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\javazi.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcaw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcbn.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcor32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfcvf.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mfczk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\msdz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\msel32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\msgs.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\mssd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\msun.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\msxp.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netav.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\netcy.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netmz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\netoz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\netwj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netxh.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\netzk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntes32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntnb.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\ntrl32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdklz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkna32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkqd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdktr32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkvo32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkwq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sdkxv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysdd.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysdm32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysfe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysfq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysis.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysjn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\syslr32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysvq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysxq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\sysyx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winfc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winir.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\winoh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\wintq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\winxk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winxm.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\SYSTEM32\winzb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM32\winzw32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winamp.ini:irfgbq -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winde.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wines.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winfx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winge32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\WinInit.Ini:dqkxj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\winjj.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winnb32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\npwthost.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINDOWS\wt\wtupdates\wtwebdriver\files\3.3.1.001\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINDOWS\wt\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:aawhb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ackla -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:advwh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ajthf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:beftu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:cmado -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dksuf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:dxgbq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:efxqd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:fbqqb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:gapae -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ggyms -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:hhbba -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:iagyv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:ipwwg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:izely -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:jodii -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:jpvsj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:kuqbb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:laheu -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:lbhax -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:lgmqk -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:mbjlh -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:pokme -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:pukkb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:qccrn -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:qylge -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:rlwts -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:rwujx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:sjduz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:tcrqs -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:tdfbb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:tmmxh -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:tzpya -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:umowo -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:upgtf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:vvtux -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:vymqp -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:xbkdl -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:xkuav -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:xolmk -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:zjvhx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_DEFAULT.PIF:zsnqn -> TrojanDownloader.Agent.bq : Cleaned with backup


::Report End
old hickory is offline