WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Download.trojan virus

Started by Unforgiven , Mar 13 2006 09:29 AM

This topic is locked

13 replies to this topic

#1 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 13 March 2006 - 09:29 AM

norton antivirus has scanned my computer and it gives me a message
saying that winbys32.dll is infected with download.trojan and it is unable to delete the file
i tried to follow symantec instructions online - which included switching off the system restore, starting windows in safe mode, and manually deleting the file. but it did not work

this is the hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 8:48:12 PM, on 5/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\TEMP\win3AB2.tmp.exe
C:\WINDOWS\TEMP\ijgohond.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
O1 - Hosts: 203.197.24.163 www.citibank.co.in
O1 - Hosts: 210.210.19.82 www.sifymall.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Sonic RecordNow!] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager2\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlpage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O15 - Trusted Zone: *.offshoreclicks.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134760175217
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.....cab?refid=1123
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD3C56A-A00B-447A-B6D4-CFEAADC80688}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DEB1604-C1D9-4235-AF0E-6660BCD9D9C8}: NameServer = 202.144.115.4,202.144.10.50
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: winbys32 - C:\WINDOWS\SYSTEM32\winbys32.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

any help will be greatly appreciated. thanks

Advertisements

Register to Remove

#2 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 13 March 2006 - 02:03 PM

Hello Unforgiven and Welcome to Tom Coyote,

Please do the following:

STEP 1.
======
Please download VundoFix.exe to your desktop.

Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Proud member of ASAP since 2005

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Come join us in the Class Room and learn how.

#3 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 14 March 2006 - 11:16 AM

hi susan. thanks for taking the time to reply.

i looked at another post having a problem with download.trojan and noticed that they were advised to use
ewido. so i tried it and it said that it removed the problem.

then after i saw your post, i downloaded vundofix and ran it
however it did not find any files, and there was nothing to remove

here is the vundotxt file

VundoFix V4.2.33

Checking Java version...

Java version is 1.5.0.6

Scan started at 10:33:19 PM 3/14/2006

Listing files found while scanning....

No infected files were found.

VundoFix V4.2.33

Checking Java version...

Java version is 1.5.0.6

Scan started at 10:34:52 PM 3/14/2006

Listing files found while scanning....

No infected files were found.

i tried it twice.

here is the updated hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 10:40:57 PM, on 3/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\TEMP\win4030.tmp.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.rediff.com/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
O1 - Hosts: 203.197.24.163 www.citibank.co.in
O1 - Hosts: 210.210.19.82 www.sifymall.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Sonic RecordNow!] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager2\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlpage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O15 - Trusted Zone: *.offshoreclicks.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134760175217
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.....cab?refid=1123
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD3C56A-A00B-447A-B6D4-CFEAADC80688}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DEB1604-C1D9-4235-AF0E-6660BCD9D9C8}: NameServer = 202.144.115.4,202.144.10.50
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: winnpx32 - C:\WINDOWS\SYSTEM32\winnpx32.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

hope i didnt do anything wrong! should i do anything else?
thanks for helping.

Edited by Unforgiven, 14 March 2006 - 11:21 AM.

#4 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 14 March 2006 - 11:42 AM

Hello Unforgiven,

Let's do this:

STEP 1.
======
Look2Me

You have the latest version of VX2. Download L2mfix from one of these two locations:

http://www.atribune....oads/l2mfix.exe
http://www.downloads....org/l2mfix.exe

You may receive pop-up asking if you will allow script to run when you perform the following instructions. Please allow the script to run.

Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log. Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until you are asked to do so!

If you receive, while running option #1, an error similar like: ''C:\windows\system32\cmd.exe
C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications. choose close to terminate the application.."...then please use option 5 or the web page link in the l2mfix folder to solve this error condition. do not run the fix portion without fixing this first.

#5 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 15 March 2006 - 12:03 AM

wow this is long. here is the l2mfix log. thanks once again L2MFIX find log 010406 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\ 6c,00,00,00 "Logoff"="ChainWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] "Asynchronous"=dword:00000000 "Impersonate"=dword:00000000 "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Logoff"="CryptnetWlxLogoffEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] "DLLName"="cscdll.dll" "Logon"="WinlogonLogonEvent" "Logoff"="WinlogonLogoffEvent" "ScreenSaver"="WinlogonScreenSaverEvent" "Startup"="WinlogonStartupEvent" "Shutdown"="WinlogonShutdownEvent" "StartShell"="WinlogonStartShellEvent" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] @="" "DLLName"="igfxsrvc.dll" "Asynchronous"=dword:00000001 "Impersonate"=dword:00000001 "Unlock"="WinlogonUnlockEvent" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] "DLLName"="wlnotify.dll" "Logon"="SCardStartCertProp" "Logoff"="SCardStopCertProp" "Lock"="SCardSuspendCertProp" "Unlock"="SCardResumeCertProp" "Enabled"=dword:00000001 "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "StartShell"="SchedStartShell" "Logoff"="SchedEventLogOff" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] "Logoff"="WLEventLogoff" "Impersonate"=dword:00000000 "Asynchronous"=dword:00000001 "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] "DLLName"="WlNotify.dll" "Lock"="SensLockEvent" "Logon"="SensLogonEvent" "Logoff"="SensLogoffEvent" "Safe"=dword:00000001 "MaxWait"=dword:00000258 "StartScreenSaver"="SensStartScreenSaverEvent" "StopScreenSaver"="SensStopScreenSaverEvent" "Startup"="SensStartupEvent" "Shutdown"="SensShutdownEvent" "StartShell"="SensStartShellEvent" "PostShell"="SensPostShellEvent" "Disconnect"="SensDisconnectEvent" "Reconnect"="SensReconnectEvent" "Unlock"="SensUnlockEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] "Asynchronous"=dword:00000000 "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\ 6c,00,6c,00,00,00 "Impersonate"=dword:00000000 "Logoff"="TSEventLogoff" "Logon"="TSEventLogon" "PostShell"="TSEventPostShell" "Shutdown"="TSEventShutdown" "StartShell"="TSEventStartShell" "Startup"="TSEventStartup" "MaxWait"=dword:00000258 "Reconnect"="TSEventReconnect" "Disconnect"="TSEventDisconnect" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winnpx32] "Asynchronous"=dword:00000001 "DllName"="winnpx32.dll" "Impersonate"=dword:00000000 "Startup"="EvtStartup" "Shutdown"="EvtShutdown" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] "DLLName"="wlnotify.dll" "Logon"="RegisterTicketExpiredNotificationEvent" "Logoff"="UnregisterTicketExpiredNotificationEvent" "Impersonate"=dword:00000001 "Asynchronous"=dword:00000001 ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Multimedia File Property Sheet" "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM Scanner Management" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS Security Page" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE Docfile Property Page" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell extensions for sharing" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Display Adapter CPL Extension" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Display Monitor CPL Extension" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Display Panning CPL Extension" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS Security Page" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Compatibility Page" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Disk Copy Extension" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell extensions for Microsoft Windows Network objects" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM Monitor Management" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM Printer Management" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell extensions for file compression" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Web Printer Shell Extension" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Encryption Context Menu" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Briefcase" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal Icon Ext" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC Profile" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Printers Security Page" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell extensions for sharing" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO Extension" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto Sign Extension" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Network Connections" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Network Connections" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanners & Cameras" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanners & Cameras" "{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanners & Cameras" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanners & Cameras" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanners & Cameras" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Data Link" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Scheduled Tasks" "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taskbar and Start Menu" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Search" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Run..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fonts" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Administrative Tools" "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page" "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Address" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service" "{FF393560-C2A7-11CF-BFF4-444553540000}"="History" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Application Manager" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Installed Apps Enumerator" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ file thumbnail extractor" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Summary Info Thumbnail handler (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML Thumbnail Extractor" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Web Publishing Wizard" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Print Ordering via the Web" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell Publishing Wizard Object" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Get a Passport Wizard" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="User Accounts" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Channel File" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Channel Shortcut" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Offline Files Folder" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="For &People..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{ED58A35B-B554-42AF-A26C-6F3D424200D3}"="Sony Power Management Extensiond" "{DEE12703-6333-4D4E-8F34-738C4DCC2E04}"="RecordNow! SendToExt" "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension" "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache" "{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Web Folders" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band" "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes" "{52B87208-9CCF-42C9-B88E-069281105805}"="Trojan Remover Shell Extension" "{B6122A50-EAB5-11D3-9E7F-EBF4F0595714}"="Tauscan Menu" ********************************************************************************** HKEY ROOT CLASSIDS: ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ adserv~1.dll Tue Mar 14 2006 9:54:14a A.... 49,152 48.00 K gdi32.dll Thu Dec 29 2005 8:24:36a A.... 280,064 273.50 K legitc~1.dll Tue Feb 14 2006 9:20:14a A.... 550,120 537.23 K s32evnt1.dll Tue Jan 31 2006 2:35:34p A.... 91,904 89.75 K sirenacm.dll Wed Jan 25 2006 1:04:24a A.... 118,784 116.00 K spmsg.dll Mon Feb 13 2006 7:03:38p ..... 8,632 8.43 K webclnt.dll Wed Jan 4 2006 9:05:06a A.... 68,096 66.50 K winnpx32.dll Tue Mar 14 2006 9:52:58a A.... 17,408 17.00 K wmp.dll Mon Dec 19 2005 7:30:46p A.... 4,730,880 4.51 M 9 items found: 9 files, 0 directories. Total of file sizes: 5,915,040 bytes 5.64 M Locate .tmp files: No matches found. ********************************************************************************** Directory Listing of system files: Volume in drive C is VAIO Volume Serial Number is 54A5-8EF0 Directory of C:\WINDOWS\System32 03/11/2006 01:45 AM <DIR> dllcache 08/26/2004 04:30 AM <DIR> Microsoft 0 File(s) 0 bytes 2 Dir(s) 3,480,920,064 bytes free

#6 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 15 March 2006 - 10:12 AM

Hello Unforgiven,

Don't worry about doing something wrong. Just be patient because your system is still infected.

STEP 1.
======
MWAV Scan
Please download MWAV to a convenient location.
This scan only produces a report, it doesn't clean your system. I will analyze the report and recommend a course of action depending on the results.
This scan might take around 3+ hours to finish when set to scan everything.

Double-click on mwav.exe.
Put a check next to the below items before scanning:

Memory
Startup Folders
Drive - All Local Drives
Folder - then click "browse" to change the directory to C: (default is C:\Windows)
Registry
System Folders
Services
Include Sub-Directory
Scan All Files

Please make sure ALL of these are checked, then press the Scan button. This typically will take hours to complete.

**NOTE*** Sometimes MWav will pause and it appears to be finished, but it isn't done. Just let it run until it says it's complete.

On the bottom portion of the window, you will see the lower panel where MWav is listing "infected items", please highlight everything in that lower panel and copy them by holding CTRL + C then paste it here. The whole log will be extremely BIG so there is no way to post the log. I just need the infected items list.

Blacklight

This scan is just checking for Rootkits
Download Blacklight Beta from here:
http://www.f-secure....light/try.shtml

Hit I accept. It will take you to download page.
Download blbeta.exe and save it to the Desktop.
Once saved... double click blbeta.exe to install the program.
Click accept agreement and Click scan
This app too may fire off a warning from antivirus. Let the driver load.
Wait for it to finish.
If it displays any items...don't do anything with them yet. Just hit exit (close)
It will drop a log on Desktop that starts with fsbl....big number

Please post contents of log.

#7 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 16 March 2006 - 02:29 AM

hi susan this is the mwav scan results File C:\WINDOWS\system32\winnpx32.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\WINDOWS\TEMP\win3EF2.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\system32\winnpx32.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "180solutions Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "cydoor.topicks.a Spyware/Adware" found in File System! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc10.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc100.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc101.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc102.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc103.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc104.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc105.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc106.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc107.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc108.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc109.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc11.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc110.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc111.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc112.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc113.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc114.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc115.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc116.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc117.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc118.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc119.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc12.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc120.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc121.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc122.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc123.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc124.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc125.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc126.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc127.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc128.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc129.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc13.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc130.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc131.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc132.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc133.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc134.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc135.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc136.exe infected by "Trojan-Downloader.Win32.PurityScan.bu" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc137.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc138.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc139.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc14.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc140.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc141.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc142.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc143.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc144.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc145.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc15.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc16.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc17.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc18.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc19.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc2.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc20.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc21.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc22.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc23.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc24.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc25.tmp infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc26.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc27.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc28.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc29.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc3.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc30.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc31.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc32.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc33.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc34.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc35.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc36.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc37.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc38.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc39.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc4.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc40.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc41.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc42.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc43.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc44.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc45.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc46.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc47.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc48.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc49.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc5.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc50.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc51.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc52.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc53.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc54.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc55.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc56.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc57.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc58.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc59.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc6.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc60.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc61.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc62.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc63.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc65.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc66.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc67.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc68.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc69.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc7.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc70.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc71.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc72.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc73.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc74.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc75.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc76.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc77.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc78.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc79.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc8.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc80.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc81.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc82.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc83.exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc84.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc85.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc86.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc87.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc88.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc89.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc9.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc90.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc91.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc92.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc93.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc94.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc95.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc96.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc97.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc98.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\RECYCLER\S-1-5-21-2104810869-1462883565-1033850847-1004\Dc99.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aelmcimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aipeopmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\angggcmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aoblejmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aokpklmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bbnonmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bcbnjhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bclbocmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bdoomomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bfigidmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bhocblmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bjdlilmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bnkepond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\cdbbjmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ckaghgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\cmmncmnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\dmmfofmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ecdhhkmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ejagefmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\elabddmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\engfhomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\enmokind.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\fglinemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\fmpiaimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\gdnkammd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\gjoabhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\habdlnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hanbkhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hchcbomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hghaecmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hjpmppmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hpoadpmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ihieafmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ijgohond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jboeigmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jedffnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jiopnomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jjmajpnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jmiaklmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\kbmgcnnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\khblgkmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\khfcejmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\kiolmgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\koamlimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ldfogdmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\lfjjnnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mepkhgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mifmknmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mkelkemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ndglcfmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nigphnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nlnbahmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nmkobmnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\npafhknd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ofnnmmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ogklmond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ohojoood.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\oiilnbmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\oimoffmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ojkdenmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\olbhcmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pdgnigmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pghdbemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pohmhlnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win22E7.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2537.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2D9A.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2E66.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win39C1.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AAD.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AB2.tmp infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AB2.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3B22.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3E26.tmp infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3E82.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3EF2.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3FF8.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3FFD.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win4030.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win4044.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File D:\Setups\ares.exe tagged as "not-a-virus:AdWare.Win32.NavExcel.d". Action Taken: No Action Taken. File D:\Setups\iMeshV4.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.d". Action Taken: No Action Taken. File C:\Documents and Settings\Ajay Makhija\Local Settings\Temporary Internet Files\Content.IE5\6RPGBLWO\rdgIN2404[1].exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000345.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000346.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000347.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000348.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000349.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000350.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000351.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000352.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000353.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000354.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000355.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000356.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000357.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000358.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000359.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000360.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000361.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000362.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000363.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000364.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000365.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000366.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000367.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000368.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000369.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000370.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000371.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000372.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000373.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000374.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000375.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000376.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000377.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000378.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000379.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000380.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000381.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000382.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000383.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000384.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000385.exe infected by "Trojan-Downloader.Win32.PurityScan.bu" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000386.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000387.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000388.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000389.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000390.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000391.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000392.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000393.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000394.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000395.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000396.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000397.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000398.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000399.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000400.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000401.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000402.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000403.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000404.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000405.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000406.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000407.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000408.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000409.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000410.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000411.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000412.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000413.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000414.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000415.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000416.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000417.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000418.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000419.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000420.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000421.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000422.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000423.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000424.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000425.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000426.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000427.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000428.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000429.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000430.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000431.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000432.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000433.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000434.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000435.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000436.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000437.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000438.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000439.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000440.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000441.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000442.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000443.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000444.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000445.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000446.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000447.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000448.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000450.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000451.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000452.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000453.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000454.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000455.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000456.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000457.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000458.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000459.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000460.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000461.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000462.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{

Edited by Unforgiven, 16 March 2006 - 02:32 AM.

#8 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 16 March 2006 - 02:34 AM

File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000462.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000463.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000464.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000465.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000466.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000467.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000468.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000469.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000470.exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000471.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000472.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000473.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000474.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000475.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000476.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000477.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000478.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000479.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000480.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000481.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000482.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000483.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000484.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000485.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000486.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000487.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aelmcimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aipeopmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\angggcmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aoblejmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\aokpklmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bbnonmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bcbnjhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bclbocmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bdoomomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bfigidmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bhocblmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bjdlilmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\bnkepond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\cdbbjmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ckaghgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\cmmncmnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\dmmfofmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ecdhhkmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ejagefmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\elabddmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\engfhomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\enmokind.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\fglinemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\fmpiaimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\gdnkammd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\gjoabhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\habdlnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hanbkhmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hchcbomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hghaecmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hjpmppmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\hpoadpmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ihieafmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ijgohond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jboeigmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jedffnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jemdhkod.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jiopnomd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jjmajpnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\jmiaklmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\kbmgcnnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\khblgkmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\khfcejmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\kiolmgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\koamlimd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ldfogdmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\lfjjnnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mepkhgmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mfbablod.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mifmknmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\mkelkemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ndglcfmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nigphnmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nlnbahmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\nmkobmnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\npafhknd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\oamakiod.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ofnnmmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ogklmond.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ohojoood.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\oiilnbmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\oimoffmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\ojkdenmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\olbhcmmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pdgnigmd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pedcgmod.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pghdbemd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\pohmhlnd.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win22E7.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2537.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2D9A.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win2E66.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win39C1.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AAD.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AB2.tmp infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3AB2.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3B22.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3E26.tmp infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3E82.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3EF2.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3FF8.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win3FFD.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win4030.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\WINDOWS\Temp\win4044.tmp.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. and this is the blacklight log 03/15/06 22:09:12 [Info]: BlackLight Engine 1.0.33 initialized 03/15/06 22:09:12 [Info]: OS: 5.1 build 2600 (Service Pack 2) 03/15/06 22:09:13 [Note]: 7019 4 03/15/06 22:09:13 [Note]: 7005 0 03/15/06 22:09:28 [Note]: 7006 0 03/15/06 22:09:28 [Note]: 7011 756 03/15/06 22:09:29 [Note]: FSRAW library version 1.7.1015 03/15/06 22:13:13 [Note]: 7007 0 thank you for your time.

#9 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 16 March 2006 - 10:11 AM

STEP 1.
======
Cleanmgr
To clean temporary files:

Go > start > run and type cleanmgr and click OK
Scan your system for files to remove.
Make sure Temporary Files, Temporary Internet Files and Recycle Bin are the only things checked.
Click OK to remove those files.
Click Yes to confirm deletion.

To delete the files in the Temporary Internet Files folder, follow these steps:.

. Quit Internet Explorer and quit any instances of Windows Explorer.
. Click Start, click Control Panel and then double-click Internet Options
. On the General tab, click Delete Files under Temporary Internet Files.
. In the Delete Files dialog box, click to select the Delete all offline content check box , and then click OK.
. Click OK.

Show Hidden Files
Please show all files for your system.
You will need to reverse this process when all steps are done.

Please browse to the following folder and make sure that the files were deleted in this folder.
C:\WINDOWS\Temp\

Please empty your Recycle Bin.

Disable Ewido:
Please disable Ewido, as it may interfere with the fix.
To disable Ewido:
From the system tray:

Right-click the system tray icon and uncheck real time protection.
or From within Ewido -
Under 'Your security status', if the real time protection is active, deactivate it by clicking 'real time protection' until the status says 'inactive'.

Once your log is clean you can re-enable Ewido.

Disable Microsoft Windows Defender:
We need to disable your Microsoft Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.

Open Microsoft Windows Defender. Click Start, Programs, Windows Defender
Click on Tools, General Settings.
Under Real-time protection options, unselect the Turn on real-time protection check box
Click Save

After all of the fixes are complete it is very important that you enable Real-time Protection again.

STEP 2.
======
CWShredder

Please download and run CWShredder
Make sure that all browser windows are closed with the exception of Cwshredder and choose FIX.

Close all programs leaving only HijackThis running. Place a check against each of the following:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
O15 - Trusted Zone: *.offshoreclicks.com
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.....cab?refid=1123
O20 - Winlogon Notify: winbys32 - C:\WINDOWS\SYSTEM32\winbys32.dll
Click on Fix Checked when finished and exit HijackThis.

STEP 3.
======
Delete Files with Killbox

Download Pocket Killbox from http://www.downloads...org/KillBox.zip and unzip it; save it to your Desktop. DO NOT RUN IT YET.
==========
Double-click on KillBox.exe to launch the program. It is the red circle with a large white X in it
- Highlight the files in bold RED below and press the Ctrl key and the C key at the same time to copy them to the clipboard
C:\WINDOWS\system32\winnpx32.dll
C:\WINDOWS\SYSTEM32\winbys32.dll

In Killbox click on the File menu and then the Paste from Clipboard item
in the Full Path of File to Delete field drop down the arrow and make sure that all of the files are listed
(Please note that the tool checks your computer for the presence of the files pasted into the box so if files are not present, it is possible that you might not see all files you pasted into the box.)
Click the option to Delete on Reboot
- If not greyed out click the checkbox for Unregister .dll Before Deleting
- click End Explorer Shell while Killing File
- Now click on the red button with a white 'X' in the middle to delete the files
- Click Yes when it says all files will be deleted on the next reboot
- Click Yes when it asks if you want to reboot now
(Note: If you get a "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just reboot manually)

Note: Killbox will let you know if a file does not exist. If that happens, just continue on.

If you have any issues with this method you can copy and paste the lines one at a time into the killbox top box. Then click the "Single File" button. Then click the Red X ...and for the confirmation message that will appear, you will need to click Yes. A second message will ask to Reboot now? you will need to click No until the last one at which time you click yes to allow the reboot.

Post back a fresh HijackThis log and another MWAV report.

#10 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 16 March 2006 - 07:54 PM

hi susan

here is the hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 11:07:40 PM, on 3/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\Symantec\LiveUpdate\LUALL.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.rediff.com/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
O1 - Hosts: 203.197.24.163 www.citibank.co.in
O1 - Hosts: 210.210.19.82 www.sifymall.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Sonic RecordNow!] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager2\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlpage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134760175217
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD3C56A-A00B-447A-B6D4-CFEAADC80688}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DEB1604-C1D9-4235-AF0E-6660BCD9D9C8}: NameServer = 202.144.115.4,202.144.10.50
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

and this is the mvaw scan result

Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "180solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "ares Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cydoor.topicks.a Spyware/Adware" found in File System! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000345.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000346.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000347.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000348.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000349.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000350.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000351.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000352.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000353.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000354.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000355.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000356.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000357.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000358.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000359.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000360.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000361.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000362.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000363.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000364.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000365.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000366.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000367.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000368.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000369.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000370.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000371.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000372.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000373.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000374.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000375.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000376.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000377.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000378.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000379.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000380.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000381.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000382.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000383.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000384.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000385.exe infected by "Trojan-Downloader.Win32.PurityScan.bu" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000386.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000387.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000388.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000389.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000390.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000391.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000392.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000393.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000394.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000395.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000396.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000397.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000398.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000399.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000400.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000401.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000402.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000403.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000404.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000405.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000406.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000407.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000408.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000409.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000410.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000411.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000412.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000413.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000414.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000415.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000416.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000417.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000418.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000419.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000420.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000421.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000422.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000423.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000424.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000425.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000426.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000427.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000428.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000429.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000430.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000431.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000432.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000433.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000434.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000435.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000436.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000437.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000438.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000439.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000440.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000441.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000442.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000443.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000444.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000445.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000446.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000447.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000448.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000450.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000451.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000452.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000453.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000454.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000455.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000456.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000457.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000458.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000459.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000460.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000461.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000462.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000463.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000464.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000465.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000466.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000467.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000468.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000469.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000470.exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000471.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000472.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000473.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000474.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000475.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000476.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000477.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000478.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000479.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000480.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000481.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000482.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000483.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000484.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000485.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000486.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000487.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000497.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken.
File D:\Setups\ares.exe tagged as "not-a-virus:AdWare.Win32.NavExcel.d". Action Taken: No Action Taken.
File D:\Setups\iMeshV4.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.d". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000345.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000346.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000347.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000348.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000349.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000350.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000351.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000352.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000353.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000354.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000355.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000356.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000357.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000358.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000359.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000360.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000361.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000362.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000363.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000364.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000365.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000366.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000367.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000368.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000369.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000370.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000371.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000372.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000373.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000374.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000375.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000376.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000377.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000378.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000379.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000380.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000381.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000382.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000383.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000384.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000385.exe infected by "Trojan-Downloader.Win32.PurityScan.bu" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000386.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000387.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000388.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000389.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000390.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000391.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000392.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000393.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000394.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000395.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000396.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000397.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000398.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000399.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000400.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000401.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000402.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000403.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000404.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000405.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000406.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000407.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000408.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000409.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000410.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000411.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000412.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000413.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000414.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000415.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000416.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000417.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000418.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000419.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000420.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000421.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000422.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000423.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000424.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken.
File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000425.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken.
F

#11 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 16 March 2006 - 07:56 PM

File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000425.dll infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000426.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000427.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000428.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000429.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000430.exe tagged as "not-a-virus:Porn-Dialer.Win32.Agent.z". Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000431.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000432.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000433.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000434.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000435.exe infected by "Email-Worm.Win32.Nyxem.e" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000436.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000437.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000438.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000439.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000440.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000441.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000442.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000443.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000444.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000445.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000446.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000447.exe infected by "Trojan-Downloader.Win32.Adload.j" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000448.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000450.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000451.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000452.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000453.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000454.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000455.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000456.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000457.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000458.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000459.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000460.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000461.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000462.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000463.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000464.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000465.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000466.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000467.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000468.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000469.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000470.exe tagged as "not-a-virus:AdWare.Win32.ISearch.d". Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000471.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000472.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000473.exe infected by "Trojan-Dropper.Win32.PurityScan.ad" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000474.exe infected by "Trojan-Downloader.Win32.IstBar.eq" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000475.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000476.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000477.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000478.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000479.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000480.exe infected by "Trojan.Win32.Dialer.oy" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000481.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000482.exe infected by "Trojan-Downloader.Win32.Small.ayl" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000483.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000484.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000485.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000486.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000487.exe infected by "Trojan.Win32.Dialer.ay" Virus! Action Taken: No Action Taken. File C:\System Volume Information\_restore{1469DB7D-5914-450F-B832-180D913894CC}\RP6\A0000497.dll infected by "Trojan-Downloader.Win32.Small.cml" Virus! Action Taken: No Action Taken. thanks

#12 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 16 March 2006 - 08:48 PM

Hello Unforgiven,

You have one incomplete remnant in your hijackthis log that can be deleted.

Close all programs leaving only HijackThis running. Place a check against each of the following:
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} -
Click on Fix Checked when finished and exit HijackThis.

Then please run post new hijackthis.

#13 Unforgiven

Authentic Member

Authentic Member
39 posts

Posted 17 March 2006 - 03:46 AM

Hi Susan,

what about the infected files in my system restore area? shouldn't we get rid of them as well ?

New log file

Logfile of HijackThis v1.99.1
Scan saved at 3:10:33 PM, on 3/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Sify Broadband\BBImpSec.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Sify Broadband\BBClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://in.rediff.com/index.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
O1 - Hosts: 203.197.24.163 www.citibank.co.in
O1 - Hosts: 210.210.19.82 www.sifymall.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SifyBB] C:\Program Files\Sify Broadband\BBImpSec.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Sonic RecordNow!] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager2\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager2\dlpage.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Open In New Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1134760175217
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall....ivex/hcImpl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0DD3C56A-A00B-447A-B6D4-CFEAADC80688}: NameServer = 202.144.115.4,202.144.66.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{7DEB1604-C1D9-4235-AF0E-6660BCD9D9C8}: NameServer = 202.144.115.4,202.144.10.50
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)

thanks a lot. really appreciate the time and effort.

#14 Susan528

SuperMember

Authentic Member
3,194 posts

Posted 17 March 2006 - 05:52 AM

Hello Unforgiven,

Your hijackthis log appears to be clean. Now for the final clean-up.

System Restore for Windows XP
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Reboot.

Turn ON System Restore.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

======
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Test your Firewall - Please test your firewall and make sure it is working properly.
Test Firewall
Visit Microsoft's Update Site Frequently - It is important that you visit Windows Updates regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.
A tutorial on installing & using this product can be found here:
Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers
Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.
A tutorial on installing & using this product can be found here:
Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer
Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
A tutorial on installing & using this product can be found here:
Using SpywareBlaster to protect your computer from Spyware and Malware
Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
More info on how to prevent malware you can also find How I got Infected in the First Place (By Tony Klein)

Follow this list and your potential for being infected again will reduce dramatically.

Thank you for allowing me to assist you.

Susan

Edited by Susan528, 17 March 2006 - 05:53 AM.

Body Background

skin color theme