Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Hijack this log


  • Please log in to reply

#1
jme

jme

    Member

  • Member
  • PipPip
  • 42 posts
I have run through all the steps/removal tools and I'm still having problems my computer won't shut down, it is slow and freezs.

Logfile of HijackThis v1.99.1
Scan saved at 1:47:29 PM, on 12/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
c:\program files\panda software\panda internet security 2007\WebProxy.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jim\Local Settings\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.l...lscbase5059.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1143788300937
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161851278265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Edited by jme, 17 December 2006 - 08:53 PM.

  • 0

Advertisements


#2
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hello jme and welcome to G2G's Malware Forum.

My name is Technical_1 and I will be analyzing your log.

Please note, as I am still in training, my posts must first be approved by one of the instructors before posting them here for you. This is to ensure accurate information for you. Thanks for your understanding. I'll be back here with you as quickly as possible.

Let's go ahead and get an uninstall list while we're at it.
  • Let's get an Uninstall List from HijackThis:
  • Open HijackThis, click Config, click Misc Tools
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

Edited by Technical_1, 19 December 2006 - 07:06 PM.

  • 0

#3
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Thank you

Adaptec DirectCD Reader
Adobe Acrobat 5.0
DVD Shrink 3.2
DVD Solution
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Image Clip Palette
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESCX4700_4100 User's Guide
ewido anti-spyware 4.0
French Spelling Settings
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB929120)
ImageMate
ImageMixer VCD/DVD2 for OLYMPUS
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
MSN Music Assistant
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Multimedia Launcher
Nero OEM
Norton Personal Firewall 2006
Official Formula 1 Racing
OLYMPUS Master
Panda ActiveScan
Panda Internet Security 2007
Photo Story 3 for Windows
PIF DESIGNER
PowerDVD
PowerProducer
Prevx1
[email protected]
QuickTime
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SoundMAX
Spybot - Search & Destroy 1.2
SpywareBlaster v3.5.1
SUPERAntiSpyware Free Edition
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Safety Scanner
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
  • 0

#4
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hello again jme.

I believe that your biggest problem lies in the fact that you have multiple Anti-Virus Programs running with real-time protection on as well as 2 Firewall's. When it comes to Anti-Virus and Firewall's, one is all you need. Multiple AV's and Firewall's can compete with each other for control, slowing your system down dramatically and also leaving you vulnerable to more Malware.

You seem to have the full versions of these programs running. Did you buy each one? If you bought only one that would probably be the one I kept (also consider if one of the packages does both AV and Firewall, that may be the keeper). Let me know which AV and which Firewall you want to keep and we'll get rid of the rest. This should speed you up a lot.

:whistling:
  • 0

#5
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Hello

Silly me I thought I only had one AV, the only one I paid for was prevx which wasn't much is this one an av if so I will keep it otherwise any of them is ok maybe panda.
  • 0

#6
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Sorry for all the stupid questions jme but I have a couple more.

Is the Panda Security Suite you have installed a trial version or maybe a cracked version?

Also, does your Norton's Firewall still have subscription time left or was it a trial as well?

Once I get the answers to these questions, we can begin getting rid of what you don't need and get some protection in place that won't slow you down.

:whistling:

Edited by Technical_1, 21 December 2006 - 01:25 PM.

  • 0

#7
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
The Norton was a trial for some reason I can't uninstall it and I think the Panda is a trial as well about to expire soon.
  • 0

#8
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
OK jme, let's keep Prevx and get a Firewall and we'll get rid of the rest.
  • Update Java:
    Click here to download the latest version of java ( Java Runtime Environment (JRE) 6 ). Please install it and then reboot your computer.
  • Download one of the following free Firewalls. (But do not install yet.)
    Choose only 1 Firewall.
  • Uninstall the following programs.
    • ewido anti-spyware 4.0<-----Outdated. New version is called AVG Anti-Spyware.
    • J2SE Runtime Environment 5.0 Update 6<-----Outdated.
    • Norton Personal Firewall 2006<-----If this doesn't uninstall, then make sure it's disabled before installing your new one.
    • Panda Internet Security 2007
  • Install your new Firewall.
  • After that, Reboot.
  • Please re-open HiJackThis and scan and save a new log file.
  • Post Logs
    • New Hijack This Log
Let me know what happens when you try to uninstall the Norton's Firewall, if it doesn't uninstall.
  • 0

#9
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
When I try to uninstall Norton Firewall a message comes up saying Setup has encountered a problem and needs to close. I'm not sure how to disable it so havent installed new firewall yet.
  • 0

#10
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hello again jme. Took a while to get something to remove that blasted firewall but OwNt came up with link to a removal tool. :whistling: Let's give it a go.
  • Follow the instructions on this page to remove any and all Norton's products from your system.
  • Now, only if things went well with the Norton's uninstall, choose a new Firewall and install it.
  • Please re-open HiJackThis and scan and save a new log file.
  • Post Logs
  • New Hijack This Log


  • 0

Advertisements


#11
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Hi

Sorry to be a pain I'm having a bit of trouble installing a fire wall, I get the following message with Zone Alarm

Setup is unable to log into the truevector service. Install cannot continure without logging into truevector. Please use the service manager to shutdown the truevector and then restart the install program.

And I have no idea what that means, the other fire wall the page isnot found.

Cheers
  • 0

#12
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hi jme

Sorry about the Kerio link. It must have changed. I'll have to find a new one. In the meantime, take a look at this page, specifically error #5. Try the steps listed for error #5 and let me know what happens.

:whistling:
  • 0

#13
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Thanks that worked I have now installed zone alarm (the computer seems to be running slower now) here is the new hijack this log.

Logfile of HijackThis v1.99.1
Scan saved at 11:22:06 AM, on 12/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jim\Local Settings\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.l...lscbase5059.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1143788300937
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161851278265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file missing)
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

#14
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts

(the computer seems to be running slower now)

:whistling: I'm surprised by that. I would have thought it would be much quicker now. Let's get a couple of remaining services and get a scan in to see if anything is hiding.
  • Remove Bad Services
    • Go to Start->Run and type in notepad and hit OK.
    • Then copy and paste the contents of the following Quote box into Notepad:

      sc stop BackWeb Plug-in - 4476822
      sc delete BackWeb Plug-in - 4476822
      sc stop Symantec Core LC
      sc delete Symantec Core LC
      del delete.bat

    • Save the file as "delete.bat". <== Make sure to save it with the quotes.
    • Double click delete.bat.
  • Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.
    If you use Firefox browserClick Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browserClick Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.
  • Please run Bit Defender
    Note: This Scan requires Internet Explorer to run.
    • read the EULA and click 'I agree' if you wish to proceed with scan
    • Allow the ActiveX control to install, if prompted.
    • The Scanning Engine and Virus Definitions will now update.
      You may receive a message about the scanning engine being updated and that you need to close Internet Explorer and reopen. If you recieve this message, close IE and reopen. Then navigate back to the Scanner.
    • Now click on Click Here to Scan
    • Your entire computer will now be scanned.
    • When BitDefender completes the scan, select the "Detected Problems" tab.
    • Click on "Click here to export scan".
    • Save the file as an HTML to your Desktop.
    • Then click on the saved file and allow it to open with your browser.
    • Go to Edit>Select All then copy/paste that log back here.

      This could be a long scan so do it when you have at least two or three hours free.
  • Please re-open HiJackThis and scan and save a new log file.
  • Post Logs
    • BitDefender Results
    • New Hijack This Log

Edited by Technical_1, 30 December 2006 - 07:44 PM.

  • 0

#15
jme

jme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
bitdefender log

BitDefender Online Scanner



Scan report generated at: Sun, Dec 31, 2006 - 15:21:20





Scan path: A:\;C:\;D:\;







Statistics

Time
01:04:14

Files
514735

Folders
3483

Boot Sectors
2

Archives
1488

Packed Files
73566




Results

Identified Viruses
6

Infected Files
61

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
63




Engines Info

Virus Definitions
363523

Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\$VAULT$.AVG\00061000.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00061000.FIL
Disinfection failed

C:\$VAULT$.AVG\00061000.FIL
Deleted

C:\$VAULT$.AVG\00064609.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00064609.FIL
Disinfection failed

C:\$VAULT$.AVG\00064609.FIL
Deleted

C:\$VAULT$.AVG\00072125.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00072125.FIL
Disinfection failed

C:\$VAULT$.AVG\00072125.FIL
Deleted

C:\$VAULT$.AVG\00074375.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00074375.FIL
Disinfection failed

C:\$VAULT$.AVG\00074375.FIL
Deleted

C:\$VAULT$.AVG\00083109.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00083109.FIL
Disinfection failed

C:\$VAULT$.AVG\00083109.FIL
Deleted

C:\$VAULT$.AVG\00089234.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00089234.FIL
Disinfection failed

C:\$VAULT$.AVG\00089234.FIL
Deleted

C:\$VAULT$.AVG\00100937.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00100937.FIL
Disinfection failed

C:\$VAULT$.AVG\00100937.FIL
Deleted

C:\$VAULT$.AVG\00103484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00103484.FIL
Disinfection failed

C:\$VAULT$.AVG\00103484.FIL
Deleted

C:\$VAULT$.AVG\00115828.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00115828.FIL
Disinfection failed

C:\$VAULT$.AVG\00115828.FIL
Deleted

C:\$VAULT$.AVG\00130000.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00130000.FIL
Disinfection failed

C:\$VAULT$.AVG\00130000.FIL
Deleted

C:\$VAULT$.AVG\00134359.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00134359.FIL
Disinfection failed

C:\$VAULT$.AVG\00134359.FIL
Deleted

C:\$VAULT$.AVG\00135875.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00135875.FIL
Disinfection failed

C:\$VAULT$.AVG\00135875.FIL
Deleted

C:\$VAULT$.AVG\00143968.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00143968.FIL
Disinfection failed

C:\$VAULT$.AVG\00143968.FIL
Deleted

C:\$VAULT$.AVG\00155484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00155484.FIL
Disinfection failed

C:\$VAULT$.AVG\00155484.FIL
Deleted

C:\$VAULT$.AVG\00188406.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00188406.FIL
Disinfection failed

C:\$VAULT$.AVG\00188406.FIL
Deleted

C:\$VAULT$.AVG\00220406.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00220406.FIL
Disinfection failed

C:\$VAULT$.AVG\00220406.FIL
Deleted

C:\$VAULT$.AVG\00249578.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00249578.FIL
Disinfection failed

C:\$VAULT$.AVG\00249578.FIL
Deleted

C:\$VAULT$.AVG\00263671.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00263671.FIL
Disinfection failed

C:\$VAULT$.AVG\00263671.FIL
Deleted

C:\$VAULT$.AVG\00274625.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00274625.FIL
Disinfection failed

C:\$VAULT$.AVG\00274625.FIL
Deleted

C:\$VAULT$.AVG\00277328.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00277328.FIL
Disinfection failed

C:\$VAULT$.AVG\00277328.FIL
Deleted

C:\$VAULT$.AVG\00285015.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00285015.FIL
Disinfection failed

C:\$VAULT$.AVG\00285015.FIL
Deleted

C:\$VAULT$.AVG\00315875.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00315875.FIL
Disinfection failed

C:\$VAULT$.AVG\00315875.FIL
Deleted

C:\$VAULT$.AVG\00341109.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00341109.FIL
Disinfection failed

C:\$VAULT$.AVG\00341109.FIL
Deleted

C:\$VAULT$.AVG\00347859.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00347859.FIL
Disinfection failed

C:\$VAULT$.AVG\00347859.FIL
Deleted

C:\$VAULT$.AVG\00370953.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00370953.FIL
Disinfection failed

C:\$VAULT$.AVG\00370953.FIL
Deleted

C:\$VAULT$.AVG\00391140.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00391140.FIL
Disinfection failed

C:\$VAULT$.AVG\00391140.FIL
Deleted

C:\$VAULT$.AVG\00399750.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00399750.FIL
Disinfection failed

C:\$VAULT$.AVG\00399750.FIL
Deleted

C:\$VAULT$.AVG\00430296.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00430296.FIL
Disinfection failed

C:\$VAULT$.AVG\00430296.FIL
Deleted

C:\$VAULT$.AVG\00459796.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00459796.FIL
Disinfection failed

C:\$VAULT$.AVG\00459796.FIL
Deleted

C:\$VAULT$.AVG\00490312.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00490312.FIL
Disinfection failed

C:\$VAULT$.AVG\00490312.FIL
Deleted

C:\$VAULT$.AVG\03411656.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\03411656.FIL
Disinfection failed

C:\$VAULT$.AVG\03411656.FIL
Deleted

C:\$VAULT$.AVG\04455484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\04455484.FIL
Disinfection failed

C:\$VAULT$.AVG\04455484.FIL
Deleted

C:\$VAULT$.AVG\04458062.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\04458062.FIL
Disinfection failed

C:\$VAULT$.AVG\04458062.FIL
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Infected with: Java.Trojan.ClassLoader.K

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf
Update failed
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP