Challanges with about:blank,[RESOLVED] |
Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.
  |
 Jan 29 2006, 10:12 AM
Post
#1
|
|
|
New Member  Posts: 5 OS: XP Home  |
This is the first time I have posted in a forum, so please bear with me. I am having major challanges with my computer. It takes a great deal of time to boot up, and even after booting, seems to keep loading (making harddrive noise) stuff. It also has been locking up on the shut down. When starting into internet explorer, it always starts at about:blank, and throughout the session asks to change my homepage to about:blank. There is also this popup that seems to be a search program. AdAware and Spybot find 123search and CoolWWWSearch in various forms, but can not remove them. After some time on the internet, the computer slows way down and I get a low virtual memory indication. There is also this icon that flashes in the tool tray that says that I have a security problem, would I like to know how to fix it. I have run the programs listed in the "read before posting" thread. All of them have been run, however the Trend Housecall, or Panda online scans both continue to lock up. One time the Trend scan listed a large number of items, but crashed and shut down before any cleanup could be done. Here are the logs from Ewido and Hijack this: --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 5:17:20 PM, 1/27/2006 + Report-Checksum: 18FED9C4 + Scan result: HKLM\SOFTWARE\Classes\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{792E2C95-AEBD-D9B8-E958-AD1BB5A3D9BA} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{C2E5E32B-0FD0-16A5-10FE-EDA2D4478683} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{D75897AF-4779-FE93-0121-038FA5AA18C4} -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SE -> Spyware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SW -> Spyware.CoolWebSearch : Cleaned with backup C:\RECYCLER\NPROTECT\00266319.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266325.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266327.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266328.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266329.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266330.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266331.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266334.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266340.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266346.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266347.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266350.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266353.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266354.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266357.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266358.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266359.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266427.dll -> Downloader.Agent.bc : Cleaned with backup C:\RECYCLER\NPROTECT\00266428.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266434.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00266505.dll -> Downloader.Agent.bc : Cleaned with backup C:\RECYCLER\NPROTECT\00266547.dll -> Downloader.Agent.bc : Cleaned with backup C:\RECYCLER\NPROTECT\00266548.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00267190.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00267252.dll -> Downloader.Agent.bc : Cleaned with backup C:\RECYCLER\NPROTECT\00267253.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00267257.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00267310.exe -> Trojan.Agent.bi : Cleaned with backup C:\RECYCLER\NPROTECT\00267316.exe -> Downloader.Agent.td : Cleaned with backup C:\RECYCLER\NPROTECT\00267341.exe -> Trojan.Agent.bi : Cleaned with backup C:\RECYCLER\NPROTECT\00267342.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP820\A0121961.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP820\A0121969.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125232.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125233.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125234.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125235.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125236.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125237.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125238.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125239.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125240.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125241.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125242.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125243.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125244.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125245.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125246.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125247.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125248.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125249.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125250.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125251.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125252.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125253.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125254.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125255.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125256.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125257.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125258.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125259.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125260.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125261.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125262.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125263.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125264.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125265.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125266.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125267.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125268.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125269.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125270.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125271.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125272.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125273.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125274.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125275.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125276.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125277.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125278.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125279.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125280.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125281.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125282.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125283.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125284.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125285.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125286.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125287.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125288.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125289.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125290.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125291.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125292.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125293.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125294.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125295.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125296.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125297.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125298.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125299.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125300.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125301.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125302.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125303.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125304.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125305.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125306.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125307.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125308.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125309.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125310.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125311.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125312.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125313.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125314.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125315.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125316.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125317.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125318.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125319.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125320.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125321.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125322.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125323.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125324.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125325.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125326.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125327.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125328.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125329.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125330.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125331.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125332.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125333.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125334.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125335.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125336.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125337.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125338.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125339.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125340.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125341.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125342.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125343.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125344.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125345.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125346.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125347.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125348.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125349.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125350.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125351.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125352.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125353.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125354.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125355.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125356.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125357.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125358.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125359.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125360.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125361.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125362.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125363.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125364.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125365.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125366.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125367.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125368.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125369.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125370.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125371.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125372.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125373.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125374.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125375.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125376.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125377.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125378.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125379.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125380.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125381.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125382.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125383.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125384.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125385.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125386.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125387.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125388.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125389.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125390.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125391.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125392.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125393.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125394.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125395.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125396.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125397.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125398.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125399.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125400.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125401.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125402.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125403.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125404.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125405.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125406.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125407.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125408.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125409.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125410.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125411.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125412.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125413.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125414.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125415.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125416.EXE -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125417.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125418.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125419.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125422.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125423.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125424.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125425.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125427.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125429.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125433.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125434.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125435.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125436.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125438.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125439.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125440.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125441.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125442.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125443.INI:hosnp -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125444.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125445.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125446.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125449.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125450.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125451.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125456.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125457.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125459.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125461.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125462.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125463.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125467.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125468.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125469.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125472.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125473.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125476.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125477.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125479.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125481.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125482.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125483.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125488.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125490.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125491.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125492.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125493.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125495.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125497.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125498.exe -> Trojan.Agent.bi : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125500.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125501.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125501.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125501.PIF:sggsh -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125501.PIF:vicqy -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125506.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125529.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125529.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125664.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP821\A0125664.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125707.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125707.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125740.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125740.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125792.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP822\A0125792.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0125833.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0125833.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0126915.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0126915.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0126948.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP823\A0126948.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0126957.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0126957.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0126991.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0126991.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0127020.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP824\A0127020.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP825\A0127069.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP825\A0127069.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127125.dll -> Hijacker.Small : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127126.dll -> Hijacker.Small : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127127.dll -> Hijacker.Small : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127128.dll -> Hijacker.Small : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127129.dll -> Hijacker.Small : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP826\A0127130.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127208.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127209.exe -> Downloader.Agent.td : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127264.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127265.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127266.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127267.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127268.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127269.dll -> Downloader.Agent.bc : Cleaned with backup C:\System Volume Information\_restore{21D7D692-4662-421F-93B0-877BC3820711}\RP827\A0127299.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\0.log:fgnuj -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\aciwd.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\addgl32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\apirv.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\CADKEY97.MIF:jiikz -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\gjlyl.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\gtfkg.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\iear32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ipcx32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\mfcna32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\msoc32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\nthq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\qrvin.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\sdkeb32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\stub89.ini:tqllb -> Downloader.Agent.bc : Cleaned with backup C:\WINDOWS\SYSTEM32\appey.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\appvs32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\crfy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\d3gu.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\d3vj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\fhwzm.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\SYSTEM32\ieaz.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ievj32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ipaq32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ipdy.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ipey32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ipgs.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\SYSTEM32\ipma.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\javahg.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\javahi.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\mfcgb.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\SYSTEM32\netgz32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\ntpo32.exe -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\SYSTEM32\sysog.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\SYSTEM32\sysyr32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINDOWS\ULEAD32.INI:hlspm -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\wyzmm.dll -> Hijacker.Small : Cleaned with backup C:\WINDOWS\_DEFAULT.PIF:duqyf -> Downloader.Agent.td : Cleaned with backup C:\WINDOWS\_DEFAULT.PIF:pyjis -> Downloader.Agent.bc : Cleaned with backup ::Report End Logfile of HijackThis v1.99.1 Scan saved at 9:27:34 AM, on 1/29/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\WINDOWS\Nhksrv.exe C:\WINDOWS\SYSTEM32\Brmfrmps.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\WINDOWS\System32\gearsec.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~2\NORTON~3\NPROTECT.EXE C:\PROGRA~1\NORTON~2\NORTON~3\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\DELLMMKB.EXE C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\WINDOWS\System32\taskswitch.exe C:\Program Files\Netropa\OSD.exe C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Scansoft\PaperPort\pptd40nt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TrojanHunter 4.2\THGuard.exe C:\Program Files\HistoryKill\histkill.exe C:\Program Files\Belkin\F1U201.401\usbshare.exe C:\Palm\HOTSYNC.EXE C:\QUICKENW\QWDLLS.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Messenger\msmsgs.exe C:\HJT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\gtfkg.dll/sp.html#24098%resultposition.net R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - Default URLSearchHook is missing O1 - Hosts: 127.0.0.0 localhost O1 - Hosts: 127.0.0.31 noadware.net O1 - Hosts: 127.0.0.49 spywarenuker.com O1 - Hosts: 127.0.0.85 www.noadware.net O2 - BHO: Class - {007FBB10-29F9-1035-4BC6-EADBD6D78464} - C:\WINDOWS\sysba32.dll (file missing) O2 - BHO: Class - {2874EF24-5B4A-FBCC-AAF3-41C5D6A1522B} - C:\WINDOWS\system32\ntpw32.dll (file missing) O2 - BHO: Class - {3F7A0085-83DF-8EA3-6353-820069149E3B} - C:\WINDOWS\ntqu.dll (file missing) O2 - BHO: Class - {40623E66-6632-B92E-52FA-C47B8259279F} - C:\WINDOWS\system32\atlgx32.dll (file missing) O2 - BHO: Class - {42B6D2AA-FC71-B406-F3BA-1E0D9D759441} - C:\WINDOWS\appjv.dll (file missing) O2 - BHO: Class - {4E2FC5BA-992E-EC3A-2A95-344CC1A74E91} - C:\WINDOWS\system32\sdkab.dll (file missing) O2 - BHO: Class - {5F01EA97-8CAF-C431-C7E3-98529F1ECE5B} - C:\WINDOWS\system32\netmc.dll (file missing) O2 - BHO: Class - {6058A6AF-A24B-BA66-E865-DC92A6952B33} - C:\WINDOWS\system32\ieuc.dll (file missing) O2 - BHO: Class - {7C6D92F0-991F-4012-B8E8-364B6009D6A2} - C:\WINDOWS\d3ex.dll (file missing) O2 - BHO: Class - {7D04D26C-C5D0-B880-1491-9D484DA65FEC} - C:\WINDOWS\appxq.dll (file missing) O2 - BHO: Class - {B24C88EC-60FC-99C0-BA5F-3F3DA397E615} - C:\WINDOWS\winik.dll (file missing) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Class - {BE109F8B-9C0D-8B9B-9B55-F31A546042B6} - C:\WINDOWS\winng.dll (file missing) O2 - BHO: Class - {C40457D9-D338-5738-22C0-B94004FBA803} - C:\WINDOWS\addnv.dll (file missing) O2 - BHO: Class - {CC0B49DB-5176-B2A9-3970-E7C0D543F141} - C:\WINDOWS\system32\javaiz32.dll (file missing) O2 - BHO: Class - {EC359119-1A6C-52A9-D03C-E373C5AAC363} - C:\WINDOWS\msky32.dll (file missing) O3 - Toolbar: CommuniKate - {2AD46959-7EE4-47C3-B976-C0912755DE1F} - C:\Program Files\ucietb\ucietb.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [14.tmp] C:\DOCUME~1\Computer\LOCALS~1\Temp\14.tmp.exe O4 - HKLM\..\Run: [14.tmp.exe] C:\DOCUME~1\Computer\LOCALS~1\Temp\14.tmp.exe O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..&# |
 |
 
|
|
Jan 29 2006, 10:22 AM
Post
#2
|
|
 Security Expert  Posts: 4,356 OS: XP 
|
Your HJT log is incomplete - please repost
|
|
|
|
