View Full Version : services and controller app has encountered a problem and needs to close
amit309
03-12-2007, 03:09 PM
services and controller app has encountered a problem and needs to close
i recieve this message after some time of connecting to internet
please help
the log file of hijack this is:
Logfile of HijackThis v1.99.1
Scan saved at 12:21:17 AM, on 3/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\mprwanp.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\winkmbthm.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\winunbmrb.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://in.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {59C6A5D3-F8EB-4A4E-8D21-51C498B08A2b} - C:\WINDOWS\system32\wdllfuf-32.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NI.UERSI_0001_LP] "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\75UJMEJT\ErrorSafeScannerInstall IN[1].exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EasyAV] C:\WINDOWS\EasyAV.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [brwdiag] C:\WINDOWS\system32\brwconf.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [wmvdiag] C:\WINDOWS\system32\wmvconf.exe
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplore.exe
O4 - HKLM\..\Run: [METAPOPEQMEET] C:\Documents and Settings\All Users\Application Data\phone error meta pop\Theowns.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [mess dent] C:\DOCUME~1\admin\APPLIC~1\BOOBRD~1\bin peak.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\G oogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYIN
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADEFFF95-A0BB-460A-AF22-33070B06D55D}: NameServer = 202.56.230.15,202.56.215.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1F56248-2381-4120-AC04-CF80694E1DE3}: NameServer = 202.56.215.55 202.56.215.54
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: e1.dll confwmv.dll wmvstat.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mprwanp - C:\WINDOWS\system32\mprwanp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winftsap - C:\WINDOWS\system32\winftsap.dll (file missing)
O20 - Winlogon Notify: wmvmgr - C:\WINDOWS\SYSTEM32\wmvmgr32.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
david eaton
03-13-2007, 05:17 AM
Amit309.
Welcome to the pcguide forums.
From your log, I can see no antivirus program installed. First, get an A.V program, install it and perform a complete system scan, allowing it to fix/delete anything it finds. Several good A/V programs can be found on the web. AVG or Avast are both free. Then repost an updated hijack this log.
Garylovesginger.
Again, welcome to the forums. So that your topic can be dealt with, please do the following:-
1 post a new log, after enabling normal startup in Msconfig.
2 please start a new thread, rather than piggybacking on someone else's post.
3 Unless you really really like spam, do not post your email address in a public forum!
Budfred
03-13-2007, 09:47 AM
I moved garylovesginger's post to its own thread here:
http://www.pcguide.com/vb/showthread.php?t=55164
amit309
03-13-2007, 01:31 PM
i tried to install norton but intallation failed.
what shall i do now
amit309
03-13-2007, 03:54 PM
either i send or dont send this problem to microsoft a dialogue box says system will shut down in 60 sec
it is authorised by nt/authority
david eaton
03-13-2007, 04:50 PM
Don't try Norton. It is a resource hog, and will bring your computer to it's knees!
Download either AVG or Avast, and see if they can be installed. Do get over the shutdown problem, when the message appears, go to Start> Run and type "shutdown a" ( without the quotes.) This is caused by another virus, so get that scanner working.
amit309
03-15-2007, 03:21 AM
i have installed avast. it has scanned and removed the virus and trojans but even after removing them many times they keep coming again{viruses}
and problem is still there
also iwanted to ask if torrents pose any virus threats?:confused:
Logfile of HijackThis v1.99.1
Scan saved at 12:50:34 PM, on 3/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\WINDOWS\System32\mprwanp.exe
C:\WINDOWS\system32\dwwin.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://in.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {0edc6c20-a31c-11db-8ab9-0800200c9a66} - C:\WINDOWS\system32\appmgrb.dll
O2 - BHO: ContextualAds Class - {3AAC4C68-AFC8-11DB-80EF-8AF955D89593} - C:\Program Files\TrustIn Contextual\trustincontext.dll
O2 - BHO: (no name) - {59C6A5D3-F8EB-4A4E-8D21-51C498B08A2b} - C:\WINDOWS\system32\wdllfuf-32.dll (file missing)
O2 - BHO: Clicker Class - {631f7200-642e-11db-bd13-0800200c9a66} - C:\WINDOWS\system32\mscoriezb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - C:\WINDOWS\inetloader.dll
O2 - BHO: SpoofBHO Class - {F67EEB12-AB09-11DB-A6F1-260856D89593} - C:\WINDOWS\se_spoof.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NI.UERSI_0001_LP] "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\75UJMEJT\ErrorSafeScannerInstall IN[1].exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EasyAV] C:\WINDOWS\EasyAV.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [brwdiag] C:\WINDOWS\system32\brwconf.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [wmvdiag] C:\WINDOWS\system32\wmvconf.exe
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\iexplore.exe
O4 - HKLM\..\Run: [METAPOPEQMEET] C:\Documents and Settings\All Users\Application Data\phone error meta pop\Theowns.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [mess dent] C:\DOCUME~1\admin\APPLIC~1\BOOBRD~1\bin peak.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\G oogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYIN
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADEFFF95-A0BB-460A-AF22-33070B06D55D}: NameServer = 202.56.230.15,202.56.215.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1F56248-2381-4120-AC04-CF80694E1DE3}: NameServer = 202.56.215.55 202.56.215.54
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: e1.dll confwmv.dll wmvstat.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mprwanp - C:\WINDOWS\system32\mprwanp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll
O20 - Winlogon Notify: winftsap - C:\WINDOWS\system32\winftsap.dll (file missing)
O20 - Winlogon Notify: wmvmgr - C:\WINDOWS\SYSTEM32\wmvmgr32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
david eaton
03-15-2007, 05:06 AM
==Download, install, and update AVG Anti-Spyware 7.5 (http://www.ewido.net/en/download/)
Save the installer to desktop
Double click the installer, select your language, and then select OK
Click NEXT>>Do or don't read the "User License Agreement"
Select I Agree>>>NEXT>>>INSTALL
AVG will now install and afterwards click FINISH
AVG Anti-Spyware 7.5 should now Load
Click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Close AVG Anti-Spyware 7.5. Do not run it yet.
Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode at the top, on the screen that appears.
Sign in with your normal user account
Once in safe mode
Then run AVG Anti-Spyware 7.5 and click on the Scanner tab at the top
Click the "Settings" tab and then change the recommended action to Quarantine and ensure that Automatically generate report after every scan is selected and
Uncheck "Only if Threats are found"
Click back to the "Scan" tab and then click on Complete System Scan.
This scan can take quite a while to run, so be prepared.
AVG Anti-Spyware 7.5 will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware 7.5 will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
amit309
03-17-2007, 12:08 PM
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 7:35:40 PM 3/17/2007
+ Scan result:
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010050.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010051.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010052.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010053.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010054.dll -> Downloader.Small.ddp : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010055.exe -> Downloader.Small.edb : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010493.dll -> Logger.Goldun.lm : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010059.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010060.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010061.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010062.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010063.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010064.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010065.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010066.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010067.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010068.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010069.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010070.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010071.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010072.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010073.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010074.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010075.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010076.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010077.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010078.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010079.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010080.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010081.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010082.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010083.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010084.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010085.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010086.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010087.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010088.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010089.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010090.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010091.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010092.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010093.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010094.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010095.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010096.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010097.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010098.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010099.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010100.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010101.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010102.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010103.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010104.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010105.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010106.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010107.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010108.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010109.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010110.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010111.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010112.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:10 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010113.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010114.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010115.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010116.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010117.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010118.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010119.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010120.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010121.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010122.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010123.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010124.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010125.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010126.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010127.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010128.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010129.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010130.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010131.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010132.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010133.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010134.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010135.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010136.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010137.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010138.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010139.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010140.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010141.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010142.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010143.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010144.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010145.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010146.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010147.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010148.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010149.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010150.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010151.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010152.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010153.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010154.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010155.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010156.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010157.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010158.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010159.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010160.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010161.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010162.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010163.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010164.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010165.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010166.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010167.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010168.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010169.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010170.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010171.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010172.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010173.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010174.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010175.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010176.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:18 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010177.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010178.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010179.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010180.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010181.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010182.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010183.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010184.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010185.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010186.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010187.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010188.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010189.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010190.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010191.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010192.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010193.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010194.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010195.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010196.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010197.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010198.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010199.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010200.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010201.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010202.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010203.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010204.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010205.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010206.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010207.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010208.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010209.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010210.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010211.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010212.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010213.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010214.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010215.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010216.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010217.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010218.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010219.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010220.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010221.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010222.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010223.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010224.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010225.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010226.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010227.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010228.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010229.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010230.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010231.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010232.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010233.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010234.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010235.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010236.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:19 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010237.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010238.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010239.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010240.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010241.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010242.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010243.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010244.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010245.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010246.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010247.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010248.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010249.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010250.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010251.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010252.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010253.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010254.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010255.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010256.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010257.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010258.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010259.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010260.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010261.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010262.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010263.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010264.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010265.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010266.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010267.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010268.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010269.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010270.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010271.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010272.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010273.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010274.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010275.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010276.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010277.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010278.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010279.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010280.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010281.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010282.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010283.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010284.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010285.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010286.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010287.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010288.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010289.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010290.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010291.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010292.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010293.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010294.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010295.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010296.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:20 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010297.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010298.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010299.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010300.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010301.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010302.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010303.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010304.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010305.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010306.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010307.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010308.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010309.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010310.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010311.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010312.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010313.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010314.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010315.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010316.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010317.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010318.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010319.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010320.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010321.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010322.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010323.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010324.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010325.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010326.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010327.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010328.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010329.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010330.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010331.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010332.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010333.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010334.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010335.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010336.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010337.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010338.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010339.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010340.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010341.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010342.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010343.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010344.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010345.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010346.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010347.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010348.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010349.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010350.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010351.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010352.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010353.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010354.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010355.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010356.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:21 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010357.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010358.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010359.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010360.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010361.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010362.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010363.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010364.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010365.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010366.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010367.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010368.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010369.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010370.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010371.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010372.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010373.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010374.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010375.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010376.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010377.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010378.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010379.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010380.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010381.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010382.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010383.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010384.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010385.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010386.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010387.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010388.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010389.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010390.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010391.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010392.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010393.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010394.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010395.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010396.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010397.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010398.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010399.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010400.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010401.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010402.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010403.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010404.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010405.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010406.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010407.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010408.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010409.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010410.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010411.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010412.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010413.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010414.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010415.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010416.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
amit309
03-17-2007, 12:22 PM
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010417.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010418.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010419.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010420.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010421.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010422.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010423.dll -> Proxy.Agent.ll : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010424.dll -> Trojan.Agent.sy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010056.exe -> Trojan.VB.kf : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010057.dll -> Worm.Warezov : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010058.dll -> Worm.Warezov.la : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010048.dll -> Worm.Warezov.lj : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{34D2E0A2-F7BA-43FE-AFDD-6DC3AB410D81}\RP3\A0010049.dll -> Worm.Warezov.lj : Cleaned with backup (quarantined).
::Report end
this is the report of scan
david eaton
03-17-2007, 03:13 PM
Hmm. Everything in that log was in the system restore files. Please post an updated Hijack this log.
amit309
03-18-2007, 06:41 AM
Logfile of HijackThis v1.99.1
Scan saved at 4:09:40 PM, on 3/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://in.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ChangerBHO Class - {0edc6c20-a31c-11db-8ab9-0800200c9a66} - C:\WINDOWS\system32\appmgrv.dll (file missing)
O2 - BHO: ContextualAds Class - {3AAC4C68-AFC8-11DB-80EF-8AF955D89593} - C:\Program Files\TrustIn Contextual\trustincontext.dll (file missing)
O2 - BHO: (no name) - {59C6A5D3-F8EB-4A4E-8D21-51C498B08A2b} - C:\WINDOWS\system32\wdllfuf-32.dll (file missing)
O2 - BHO: Clicker Class - {631f7200-642e-11db-bd13-0800200c9a66} - C:\WINDOWS\system32\mscoriezb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - C:\WINDOWS\inetloader.dll (file missing)
O2 - BHO: SpoofBHO Class - {F67EEB12-AB09-11DB-A6F1-260856D89593} - C:\WINDOWS\se_spoof.dll (file missing)
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NI.UERSI_0001_LP] "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\75UJMEJT\ErrorSafeScannerInstall IN[1].exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EasyAV] C:\WINDOWS\EasyAV.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [brwdiag] C:\WINDOWS\system32\brwconf.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [wmvdiag] C:\WINDOWS\system32\wmvconf.exe
O4 - HKLM\..\Run: [METAPOPEQMEET] C:\Documents and Settings\All Users\Application Data\phone error meta pop\Theowns.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [mess dent] C:\DOCUME~1\admin\APPLIC~1\BOOBRD~1\bin peak.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYIN
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADEFFF95-A0BB-460A-AF22-33070B06D55D}: NameServer = 202.56.230.15,202.56.215.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1F56248-2381-4120-AC04-CF80694E1DE3}: NameServer = 202.56.215.55 202.56.215.54
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: e1.dll confwmv.dll wmvstat.dll,wbsys.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mprwanp - C:\WINDOWS\system32\mprwanp.dll (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dl l
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll
O20 - Winlogon Notify: winftsap - C:\WINDOWS\system32\winftsap.dll (file missing)
O20 - Winlogon Notify: wmvmgr - wmvmgr32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
david eaton
03-18-2007, 10:10 AM
1) Please download the Killbox (http://www.killbox.net/downloads/KillBox.exe).
Save it to the desktop and run it.
2) Select "Delete on Reboot", and then select "All files".
3) Copy the file names below to the clipboard by highlighting them and pressing Control-C:
wineak32.dll
e1.dll
confwmv.dll
wmvstat.dll
wbsys.dll
4) Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
5) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on
Reboot prompt. Click "No" at the Pending Operations prompt.
Have Hijack This fix all of the following by placing a check in the appropriate boxes and
hitting fix checked. Make sure all browser and all Windows Explorer windows are closed
before fixing.
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88}
- (no file)
O2 - BHO: ChangerBHO Class - {0edc6c20-a31c-11db-8ab9-0800200c9a66} -
C:\WINDOWS\system32\appmgrv.dll (file missing)
O2 - BHO: ContextualAds Class - {3AAC4C68-AFC8-11DB-80EF-8AF955D89593} -
C:\Program Files\TrustIn Contextual\trustincontext.dll (file missing)
O2 - BHO: (no name) - {59C6A5D3-F8EB-4A4E-8D21-51C498B08A2b} -
C:\WINDOWS\system32\wdllfuf-32.dll (file missing)
O2 - BHO: Clicker Class - {631f7200-642e-11db-bd13-0800200c9a66} -
C:\WINDOWS\system32\mscoriezb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} -
C:\WINDOWS\inetloader.dll (file missing)
O2 - BHO: SpoofBHO Class - {F67EEB12-AB09-11DB-A6F1-260856D89593} -
C:\WINDOWS\se_spoof.dll (file missing)
O4 - HKLM\..\Run: [METAPOPEQMEET] C:\Documents and Settings\All
Users\Application Data\phone error meta pop\Theowns.exe
O4 - HKCU\..\Run: [mess dent] C:\DOCUME~1\admin\APPLIC~1\BOOBRD~1\bin
peak.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O20 - AppInit_DLLs: e1.dll confwmv.dll wmvstat.dll,wbsys.dll
O20 - Winlogon Notify: mprwanp - C:\WINDOWS\system32\mprwanp.dll (file missing)
O20 - Winlogon Notify: wineak32 - C:\WINDOWS\SYSTEM32\wineak32.dll
O20 - Winlogon Notify: winftsap - C:\WINDOWS\system32\winftsap.dll (file missing)
O20 - Winlogon Notify: wmvmgr - wmvmgr32.dll (file missing)
Reboot and delete
folders
C:\Documents and Settings\All Users\Application Data\phone error meta pop
C:\Documents and Settings\admin\Application Data\BOOBRD~1
Please post a followup Hijack this log, and say if your problems persist.
amit309
03-19-2007, 06:54 AM
the problem is solved now. thank u very much
Logfile of HijackThis v1.99.1
Scan saved at 3:53:10 PM, on 3/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\MI6841~1\MSSQL\binn\sqlservr.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://in.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://in.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NI.UERSI_0001_LP] "C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\75UJMEJT\ErrorSafeScannerInstall IN[1].exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EasyAV] C:\WINDOWS\EasyAV.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [brwdiag] C:\WINDOWS\system32\brwconf.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [wmvdiag] C:\WINDOWS\system32\wmvconf.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.2480\G oogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm636YYIN
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download with NetPumper - C:\Program Files\NetPumper\AddUrl.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.com/applet/applet_o.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADEFFF95-A0BB-460A-AF22-33070B06D55D}: NameServer = 202.56.230.15,202.56.215.6
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dl l
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
david eaton
03-19-2007, 10:42 AM
Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications: Spywareblaster (http://www.javacoolsoftware.com/spywareblaster.html) <= SpywareBlaster will prevent spyware from being installed.
Spywareguard (http://www.wilderssecurity.net/spywareguard.html) <= SpywareGuard offers realtime protection from spyware installation attempts.
How to use Ad-Aware to remove Spyware (http://www.bleepingcomputer.com/forums/index.php?showtutorial=48) <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
How to use Spybot to remove Spyware (http://www.bleepingcomputer.com/forums/index.php?showtutorial=43) <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.To protect yourself further: IE/Spyad (https://netfiles.uiuc.edu/ehowes/www/resource.htm) <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
Google Toolbar (http://toolbar.google.com/) <= Get the free google toolbar to help stop pop up windows.I also suggest that you delete any files from "temp", "tmp" folders. In Internet Explorer, click on "Tools" => "Internet Options" => "Delete Files" and select the box that says "Delete All Offline Content" and click on "OK" twice. Also, empty the recycle bin by right clicking on it and selecting "Empty Recycle Bin". These steps should be done on a regular basis.
amit309
03-19-2007, 02:24 PM
thank u very much for ur advice.
can u pls. tell the ie/spyad for mozilla firefox
vBulletin v3.6.1, Copyright ©2000-2010, Jelsoft Enterprises Ltd.