Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

My Hijack this log

Started by jme , Dec 17 2006 08:52 PM

Please log in to reply

#1
jme

Posted 17 December 2006 - 08:52 PM

Member

Member
42 posts

I have run through all the steps/removal tools and I'm still having problems my computer won't shut down, it is slow and freezs.

Logfile of HijackThis v1.99.1
Scan saved at 1:47:29 PM, on 12/18/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD.EXE
c:\program files\panda software\panda internet security 2007\WebProxy.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jim\Local Settings\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.l...lscbase5059.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1143788300937
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161851278265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV.EXE
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Edited by jme, 17 December 2006 - 08:53 PM.

#2
Technical_1

Posted 19 December 2006 - 07:03 PM

Visiting Staff

Member
735 posts

Hello jme and welcome to G2G's Malware Forum.

My name is Technical_1 and I will be analyzing your log.

Please note, as I am still in training, my posts must first be approved by one of the instructors before posting them here for you. This is to ensure accurate information for you. Thanks for your understanding. I'll be back here with you as quickly as possible.

Let's go ahead and get an uninstall list while we're at it.

Let's get an Uninstall List from HijackThis:
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Edited by Technical_1, 19 December 2006 - 07:06 PM.

#3
jme

Posted 20 December 2006 - 02:15 AM

Member

Topic Starter
Member
42 posts

Thank you

Adaptec DirectCD Reader
Adobe Acrobat 5.0
DVD Shrink 3.2
DVD Solution
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Image Clip Palette
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
ESCX4700_4100 User's Guide
ewido anti-spyware 4.0
French Spelling Settings
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB929120)
ImageMate
ImageMixer VCD/DVD2 for OLYMPUS
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
MSN Music Assistant
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Multimedia Launcher
Nero OEM
Norton Personal Firewall 2006
Official Formula 1 Racing
OLYMPUS Master
Panda ActiveScan
Panda Internet Security 2007
Photo Story 3 for Windows
PIF DESIGNER
PowerDVD
PowerProducer
Prevx1
print@camerahouse
QuickTime
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SoundMAX
Spybot - Search & Destroy 1.2
SpywareBlaster v3.5.1
SUPERAntiSpyware Free Edition
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Safety Scanner
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781

#4
Technical_1

Posted 20 December 2006 - 04:55 PM

Visiting Staff

Member
735 posts

Hello again jme.

I believe that your biggest problem lies in the fact that you have multiple Anti-Virus Programs running with real-time protection on as well as 2 Firewall's. When it comes to Anti-Virus and Firewall's, one is all you need. Multiple AV's and Firewall's can compete with each other for control, slowing your system down dramatically and also leaving you vulnerable to more Malware.

You seem to have the full versions of these programs running. Did you buy each one? If you bought only one that would probably be the one I kept (also consider if one of the packages does both AV and Firewall, that may be the keeper). Let me know which AV and which Firewall you want to keep and we'll get rid of the rest. This should speed you up a lot.

:whistling:

#5
jme

Posted 21 December 2006 - 12:47 AM

Member

Topic Starter
Member
42 posts

Hello

Silly me I thought I only had one AV, the only one I paid for was prevx which wasn't much is this one an av if so I will keep it otherwise any of them is ok maybe panda.

#6
Technical_1

Posted 21 December 2006 - 01:22 PM

Visiting Staff

Member
735 posts

Sorry for all the stupid questions jme but I have a couple more.

Is the Panda Security Suite you have installed a trial version or maybe a cracked version?

Also, does your Norton's Firewall still have subscription time left or was it a trial as well?

Once I get the answers to these questions, we can begin getting rid of what you don't need and get some protection in place that won't slow you down.

:whistling:

Edited by Technical_1, 21 December 2006 - 01:25 PM.

#7
jme

Posted 21 December 2006 - 03:56 PM

Member

Topic Starter
Member
42 posts

The Norton was a trial for some reason I can't uninstall it and I think the Panda is a trial as well about to expire soon.

#8
Technical_1

Posted 22 December 2006 - 06:26 AM

Visiting Staff

Member
735 posts

OK jme, let's keep Prevx and get a Firewall and we'll get rid of the rest.

Update Java:
Click here to download the latest version of java ( Java Runtime Environment (JRE) 6 ). Please install it and then reboot your computer.
Download one of the following free Firewalls. (But do not install yet.)
Choose only 1 Firewall.
- ZoneAlarm
- Kerio
Uninstall the following programs.
- Panda Internet Security 2007
Install your new Firewall.
After that, Reboot.
Please re-open HiJackThis and scan and save a new log file.
Post Logs
New Hijack This Log

Let me know what happens when you try to uninstall the Norton's Firewall, if it doesn't uninstall.

#9
jme

Posted 26 December 2006 - 03:38 AM

Member

Topic Starter
Member
42 posts

When I try to uninstall Norton Firewall a message comes up saying Setup has encountered a problem and needs to close. I'm not sure how to disable it so havent installed new firewall yet.

#10
Technical_1

Posted 28 December 2006 - 07:35 AM

Visiting Staff

Member
735 posts

Hello again jme. Took a while to get something to remove that blasted firewall but OwNt came up with link to a removal tool. :whistling:

Let's give it a go.

Follow the instructions on this page to remove any and all Norton's products from your system.
Now, only if things went well with the Norton's uninstall, choose a new Firewall and install it.
Please re-open HiJackThis and scan and save a new log file.
Post Logs
New Hijack This Log

#11
jme

Posted 30 December 2006 - 03:49 AM

Member

Topic Starter
Member
42 posts

Hi

Sorry to be a pain I'm having a bit of trouble installing a fire wall, I get the following message with Zone Alarm

Setup is unable to log into the truevector service. Install cannot continure without logging into truevector. Please use the service manager to shutdown the truevector and then restart the install program.

And I have no idea what that means, the other fire wall the page isnot found.

Cheers

#12
Technical_1

Posted 30 December 2006 - 03:25 PM

Visiting Staff

Member
735 posts

Hi jme

Sorry about the Kerio link. It must have changed. I'll have to find a new one. In the meantime, take a look at this page, specifically error #5. Try the steps listed for error #5 and let me know what happens.

:whistling:

#13
jme

Posted 30 December 2006 - 06:25 PM

Member

Topic Starter
Member
42 posts

Thanks that worked I have now installed zone alarm (the computer seems to be running slower now) here is the new hijack this log.

Logfile of HijackThis v1.99.1
Scan saved at 11:22:06 AM, on 12/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Prevx1\PXConsole.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\jim\Local Settings\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://au.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec....rl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.l...lscbase5059.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1143788300937
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1161851278265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,23/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file missing)
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

#14
Technical_1

Posted 30 December 2006 - 07:44 PM

Visiting Staff

Member
735 posts

(the computer seems to be running slower now)

I'm surprised by that. I would have thought it would be much quicker now. Let's get a couple of remaining services and get a scan in to see if anything is hiding.

Remove Bad Services
- Go to Start->Run and type in notepad and hit OK.
- Then copy and paste the contents of the following Quote box into Notepad:
  
  sc stop BackWeb Plug-in - 4476822
  sc delete BackWeb Plug-in - 4476822
  sc stop Symantec Core LC
  sc delete Symantec Core LC
  del delete.bat
- Save the file as "delete.bat". <== Make sure to save it with the quotes.
- Double click delete.bat.
Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
Please run Bit Defender
Note: This Scan requires Internet Explorer to run.
- read the EULA and click 'I agree' if you wish to proceed with scan
- Allow the ActiveX control to install, if prompted.
- The Scanning Engine and Virus Definitions will now update.
  You may receive a message about the scanning engine being updated and that you need to close Internet Explorer and reopen. If you recieve this message, close IE and reopen. Then navigate back to the Scanner.
- Now click on Click Here to Scan
- Your entire computer will now be scanned.
- When BitDefender completes the scan, select the "Detected Problems" tab.
- Click on "Click here to export scan".
- Save the file as an HTML to your Desktop.
- Then click on the saved file and allow it to open with your browser.
- Go to Edit>Select All then copy/paste that log back here.
  
  This could be a long scan so do it when you have at least two or three hours free.
Please re-open HiJackThis and scan and save a new log file.
Post Logs
BitDefender Results
New Hijack This Log

Edited by Technical_1, 30 December 2006 - 07:44 PM.

#15
jme

Posted 30 December 2006 - 10:41 PM

Member

Topic Starter
Member
42 posts

bitdefender log

BitDefender Online Scanner

Scan report generated at: Sun, Dec 31, 2006 - 15:21:20

Scan path: A:\;C:\;D:\;

Statistics

Time
01:04:14

Files
514735

Folders
3483

Boot Sectors
2

Archives
1488

Packed Files
73566

Results

Identified Viruses
6

Infected Files
61

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
63

Engines Info

Virus Definitions
363523

Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1

Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions

Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes

Scanned File
Status

C:\$VAULT$.AVG\00061000.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00061000.FIL
Disinfection failed

C:\$VAULT$.AVG\00061000.FIL
Deleted

C:\$VAULT$.AVG\00064609.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00064609.FIL
Disinfection failed

C:\$VAULT$.AVG\00064609.FIL
Deleted

C:\$VAULT$.AVG\00072125.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00072125.FIL
Disinfection failed

C:\$VAULT$.AVG\00072125.FIL
Deleted

C:\$VAULT$.AVG\00074375.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00074375.FIL
Disinfection failed

C:\$VAULT$.AVG\00074375.FIL
Deleted

C:\$VAULT$.AVG\00083109.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00083109.FIL
Disinfection failed

C:\$VAULT$.AVG\00083109.FIL
Deleted

C:\$VAULT$.AVG\00089234.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00089234.FIL
Disinfection failed

C:\$VAULT$.AVG\00089234.FIL
Deleted

C:\$VAULT$.AVG\00100937.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00100937.FIL
Disinfection failed

C:\$VAULT$.AVG\00100937.FIL
Deleted

C:\$VAULT$.AVG\00103484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00103484.FIL
Disinfection failed

C:\$VAULT$.AVG\00103484.FIL
Deleted

C:\$VAULT$.AVG\00115828.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00115828.FIL
Disinfection failed

C:\$VAULT$.AVG\00115828.FIL
Deleted

C:\$VAULT$.AVG\00130000.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00130000.FIL
Disinfection failed

C:\$VAULT$.AVG\00130000.FIL
Deleted

C:\$VAULT$.AVG\00134359.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00134359.FIL
Disinfection failed

C:\$VAULT$.AVG\00134359.FIL
Deleted

C:\$VAULT$.AVG\00135875.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00135875.FIL
Disinfection failed

C:\$VAULT$.AVG\00135875.FIL
Deleted

C:\$VAULT$.AVG\00143968.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00143968.FIL
Disinfection failed

C:\$VAULT$.AVG\00143968.FIL
Deleted

C:\$VAULT$.AVG\00155484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00155484.FIL
Disinfection failed

C:\$VAULT$.AVG\00155484.FIL
Deleted

C:\$VAULT$.AVG\00188406.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00188406.FIL
Disinfection failed

C:\$VAULT$.AVG\00188406.FIL
Deleted

C:\$VAULT$.AVG\00220406.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00220406.FIL
Disinfection failed

C:\$VAULT$.AVG\00220406.FIL
Deleted

C:\$VAULT$.AVG\00249578.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00249578.FIL
Disinfection failed

C:\$VAULT$.AVG\00249578.FIL
Deleted

C:\$VAULT$.AVG\00263671.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00263671.FIL
Disinfection failed

C:\$VAULT$.AVG\00263671.FIL
Deleted

C:\$VAULT$.AVG\00274625.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00274625.FIL
Disinfection failed

C:\$VAULT$.AVG\00274625.FIL
Deleted

C:\$VAULT$.AVG\00277328.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00277328.FIL
Disinfection failed

C:\$VAULT$.AVG\00277328.FIL
Deleted

C:\$VAULT$.AVG\00285015.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00285015.FIL
Disinfection failed

C:\$VAULT$.AVG\00285015.FIL
Deleted

C:\$VAULT$.AVG\00315875.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00315875.FIL
Disinfection failed

C:\$VAULT$.AVG\00315875.FIL
Deleted

C:\$VAULT$.AVG\00341109.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00341109.FIL
Disinfection failed

C:\$VAULT$.AVG\00341109.FIL
Deleted

C:\$VAULT$.AVG\00347859.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00347859.FIL
Disinfection failed

C:\$VAULT$.AVG\00347859.FIL
Deleted

C:\$VAULT$.AVG\00370953.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00370953.FIL
Disinfection failed

C:\$VAULT$.AVG\00370953.FIL
Deleted

C:\$VAULT$.AVG\00391140.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00391140.FIL
Disinfection failed

C:\$VAULT$.AVG\00391140.FIL
Deleted

C:\$VAULT$.AVG\00399750.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00399750.FIL
Disinfection failed

C:\$VAULT$.AVG\00399750.FIL
Deleted

C:\$VAULT$.AVG\00430296.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00430296.FIL
Disinfection failed

C:\$VAULT$.AVG\00430296.FIL
Deleted

C:\$VAULT$.AVG\00459796.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00459796.FIL
Disinfection failed

C:\$VAULT$.AVG\00459796.FIL
Deleted

C:\$VAULT$.AVG\00490312.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\00490312.FIL
Disinfection failed

C:\$VAULT$.AVG\00490312.FIL
Deleted

C:\$VAULT$.AVG\03411656.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\03411656.FIL
Disinfection failed

C:\$VAULT$.AVG\03411656.FIL
Deleted

C:\$VAULT$.AVG\04455484.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\04455484.FIL
Disinfection failed

C:\$VAULT$.AVG\04455484.FIL
Deleted

C:\$VAULT$.AVG\04458062.FIL
Infected with: Trojan.Downloader.APC

C:\$VAULT$.AVG\04458062.FIL
Disinfection failed

C:\$VAULT$.AVG\04458062.FIL
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Infected with: Java.Trojan.ClassLoader.K

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0177761E.tmp=>(Quarantine-2)
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01885519.tmp=>(Quarantine-2)
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>BlackBox.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>VerifierBug.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Infected with: Java.Trojan.Exploit.Bytverify

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Dummy.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Infected with: Java.Trojan.Exploit.Bytverify.C

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)=>Beyond.class
Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip=>(Quarantine-2)
Updated

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\018C7F15.zip
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_1aae.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3514.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_3ae8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_46.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4642.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_4c16.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_5608.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_61e3.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_70cc.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Infected with: MemScan:Trojan.Agent.QB

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\a729046b263ef889f24d00ae250ae0005453eef8_7a8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_1aae.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_2256.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3514.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_3ae8.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4642.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_49.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_4c16.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_5608.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_61e6.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_6afd.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_70cc.pvf
Update failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Infected with: Trojan.Downloader.Mohbpork.A

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Disinfection failed

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf=>(Embedded EXE g)
Deleted

C:\Program Files\Prevx1\$JAIL$\ea9f8f7816b6db51c80a00518d66af0013d5239a_7d4c.pvf
Update failed