Thanks for helping me. I was about to past the logs in...been a bit slow at the mo'
Okay, all the steps were fine, apart from the following -
Wasn't able to find any of the files mentioned in the start >run and type: services.msc part, so I didn't stop any. Did find "NT NM network security support provider" and "Remote procedure call (RCC) locator" though I was highly suspicious of this last one. But considering what you said about tampering with "good files" I decided not to stop this one. Also I found "workstation" on its own, so I left it too.
In the following step I wasn't able to find find -
C:\Program Files\PerfectNav <== folder
or
C:\WINDOWS\system32\skl5ac11.dll
Right, the latest hijacker log today -
Logfile of HijackThis v1.99.1
Scan saved at 10:31:25, on 17/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\progra~1\mcafee\MCAFEE~1\MssCli.exe
c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\backup-originals\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\MssCli.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: LG SyncManager.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.t...all/xscan60.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://by103fd.bay10...es/MsnPUpld.cabO16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akama...meInstaller.exeO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft.../as5/asinst.cabO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
ewido report -
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 08:25:09, 17/07/2005
+ Report-Checksum: 3695FF54
+ Scan result:
C:\WINDOWS\adddx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\adddz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addff.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addhc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addht.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addjn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addkk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\addob.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\addyg32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\AD_NSTLL.INI:wpgcx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\AD_NSTLL.INI:zdyuv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\aelzv.txt:hdkyn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apief32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\apign.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apihc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apiht32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apihu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apilv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apiom.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apipr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\apiva.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appcs32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appki.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\applb.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\appsw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\appye.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlaz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlbg32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlcc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atloq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlqm32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlry.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlsj32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\atlti32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlvu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlzr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\AuHCcup1.ini:nwojr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\avrack.ini:beqkyx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\avrack.ini:igqoi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\avrack.ini:zlsre -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bcjxu.txt:uejyo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\bckoh.txt:tunvz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:cjaykn -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:jdann -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\cdPlayer.ini:tbmzl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\civ.ini:akyba -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\civ.ini:fncbt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\civ.ini:qffkj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\civ.ini:shgvfx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crbk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crbq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crfo.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crfy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\criu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crko32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crnh32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\crpa32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crqr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crtf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\cruq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crxz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\crzd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3as.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3fz32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3hs32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3jf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3lo.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3mb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3nx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3qt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3rk32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3rr32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\d3sd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3su32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\d3zd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\desktop.ini:rgyyr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\desktop.ini:wbbtdu -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\dogfight.scr:nqpzm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dogfight.scr:pjkak -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\dogfight.scr:vbdxz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fcwfr.txt:cnjjb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fkzyy.txt:rwpoa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\fzwxf.txt:feiip -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\gqrzp.txt:cigex -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\hotbtnv.vxd:qllju -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\iejd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ieki.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iepl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iepr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ietl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iewq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iezc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipax32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ipom32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iptx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\iptz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ipyg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javact.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javaez.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javaoc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javapx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\javaws32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mdm.ini:rlcob -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mfcgg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcjt.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcmu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcoy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcte.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcvb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mfcyy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\mHotkey.reg:lfhbc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ModemLog_Conexant SoftK56 Modem(M).txt:kxdas -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ModemLog_Conexant SoftK56 Modem(M).txt:mkfyt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ModemLog_Conexant SoftK56 Modem(M).txt:rvire -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msaf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msar.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msdfmap.ini:nhmss -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msdfmap.ini:yiusc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\mseq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msfc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msgi.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msij32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msmz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\msqd32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\msuu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\NeroDigital.ini:wcbpy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netbb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netfj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netpd.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netqq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\netsq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\netvx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\NSREX.INI:tevtw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ntcz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntmd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntnv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntrj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntwg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntxe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntxj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ntxx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\octts.txt:aqxtc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\octts.txt:cimhp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:azsys -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ODBCINST.INI:bwqde -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\pavsig.txt:cpoui -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ptgvs.txt:itxeh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ptgvs.txt:nnzbq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\RomeTW.ini:iyidf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkfx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkht32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkil32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sdkla.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdknb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkns.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdknu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkxn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sdkzl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Sfc3ng.ini:evtjml -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\Sfc3ng.ini:nyvmh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SIERRA.INI:kgaik -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SIERRA.INI:rcohk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SIGVERIF.TXT:djgiy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SIGVERIF.TXT:lesdp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\smscfg.ini:qchje -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\smscfg.ini:yfdde -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\STA2.ini:htnjl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\STA2.ini:npptr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\swcmpc.ini:oeqvc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\swcmpc.ini:wtwdp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysak.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\syscz.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\sysiz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysjb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysjz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysnf32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysrg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysrj32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\SYSTEM.INI:pktyvy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32:alaa.dll -> TrojanDownloader.Small.azk : Cleaned with backup
C:\WINDOWS\system32\addaa.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addce32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addcf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addfa32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addfh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addly.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\addpx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addvh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addwr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addwx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\addxd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apiep32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apigv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apiis.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apijf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apikh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apilw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apioi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apixe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appar32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appbv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appdr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appem32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appje.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appkg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appoe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appqb.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\apprr.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\apptx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\appwv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlhh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlje.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlsi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlsx32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlxd.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\atlya.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\craa32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\crak32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crcg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crch32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crcr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crdl.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crdq.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\crei.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crgn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crme32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crmv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crnk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crnp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crph.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crqu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\crtz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\cryd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\crzz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3aj32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3dd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3fj.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3fk.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3fu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3hi32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3oh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3rc32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\d3ty32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\d3vd.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\ieel.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieih.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iejk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iekq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ienw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ienz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieqk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ieyz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\iezi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipae.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipbw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipgs32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ipnq32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\javaah.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javabk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javacq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javaeu32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javafw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javagb.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javakc32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javamh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javavm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\javayn32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\javayt32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcen.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcgw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfchv32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcrn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfcsp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mfctn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msec32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msez.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\msig.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msmg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msmm32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mspw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\msqw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\mssw.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\msup.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\msyl32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netdd32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netdr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netgg32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netke.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netpe.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netud.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\netwz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\netxn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntaz.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntbc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntte32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntum32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntuv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntwb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntxa32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\ntyn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkdi32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkek32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkmn.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkog32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkqc.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkqw32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkru.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdksn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkst32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkvp.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkvq32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sdkzw.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysao32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysfh.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysfh32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysmk32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\sysmz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\syssu.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\systl32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\sysxr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\syszf.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\windm32.exe -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\system32\winfr32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winjy.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winmx.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winnq.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winof.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winpp32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\wintu.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winum32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\system32\winxz32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\systg32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\sysyv.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\TSC.ini:hsrrd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\ugedf.txt:atbru -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\UPGRADE.TXT:npdcj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vb.ini:odxpg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vbaddin.ini:adsjj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vbaddin.ini:nylfuk -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\vbaddin.ini:sfjcd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vetyg.txt:xzwmg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vycmq.txt:kvlow -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vycmq.txt:qflnl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vycmq.txt:sjoav -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\vycmq.txt:tgkcr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\WFXDEL.BAT:lsyyq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winem.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\wingt.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winkg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winmdi.ini:zaksk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\winmn32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\winni32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\ysjxu.txt:uiibp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:afmpx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:asnmr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:aszetf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:awsbyh -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:awuam -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bchno -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bdsyj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bewsx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bgfrn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bijrx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bjdal -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bkegjf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bpuvq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bpvpk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bqryx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:brtwj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:btapm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bunig -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bwhau -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bwidy -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:bwlbx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:byzpl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cepqo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cfacj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cnxfm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cpaisd -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:cqvcr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:crded -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ctofg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ctova -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:culps -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cvmqf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cycyts -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:cyksh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:djspr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:dovvl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:dphfa -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:dqnty -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:dtiev -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ecabw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ehzdif -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:eipcc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ejfwlc -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:ekmaw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ekned -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:eoagp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ersvj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:esmtv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ffubb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:flwkm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fmrdsn -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fofbx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fqxvv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fuysw -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fyskx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:fzzadz -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gapxr -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ggtvq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gjrqx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:glbbh -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:glbri -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gtdodx -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:guzab -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gwumd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gykwt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gyufo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gyuph -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gzfxi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:gzkty -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hdjvx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hgaxd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hhitc -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hieej -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hjqzo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hpqjg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hprlm -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hrzqo -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hseek -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hsofb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:htktq -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hubdk -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:hyhvg -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:iaifd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:iaqif -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:idxzx -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:iecjd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ifkrl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:igrqp -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ihqmv -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:imlse -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:imtdf -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ippjru -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\_default.pif:isbnj -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ivpnt -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ivppd -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:iwlsi -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ixvhl -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:izsfw -> TrojanDownloader.Agent.bq : Cleaned with backup
I'm including the last 3 about buster reports, not the whole thing, with the latest being the last of course -
AboutBuster 5.0 reference file 30
Scan started on [16/07/2005] at [11:48:21]
------------------------------------------------
Removed Stream! C:\WINDOWS\KB885836.log:cuobb
Removed Stream! C:\WINDOWS\vycmq.txt:wzzvc
Removed Stream! C:\WINDOWS\_default.pif:jjxou
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 11:55:28
AboutBuster 5.0 reference file 30
Scan started on [16/07/2005] at [13:27:06]
------------------------------------------------
Removed Stream! C:\WINDOWS\_default.pif:quwkb
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 13:32:23
AboutBuster 5.0 reference file 30
Scan started on [17/07/2005] at [01:01:04]
------------------------------------------------
Removed Stream! C:\WINDOWS\_default.pif:tggwa
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 01:02:37
That does it. Thanks again for the help.
Krish