Results 1 to 4 of 4

Thread: virtumonde help needed

  1. 2007-11-24, 00:50 #1
    timd32
    timd32 is offline
    Junior Member
    Join Date
    Nov 2007
    Location
    NJ
    Posts
    4

    Default virtumonde help needed

    Had and still have some issues.

    Had Smitfraud-C, used smitfraudfix did not work out for what I had.

    Combofix got rid of most of the smitfraud-c stuff it seems.

    Now all I come up with Virtumonde is and used Vundofix which would remove all but one file. Better to ask for some help then then try to struggle any longer and make more of a mess out of this.




    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:38:13 PM, on 11/23/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\ArchestrA\aaLogger.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\basfipm.exe
    C:\Program Files\Common Files\ArchestrA\NTServApp.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Siemens\S7BIN\s7asysvx.exe
    C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
    C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
    C:\Program Files\Common Files\ArchestrA\slssvc.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlagent.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Venturi Client\Client\ventc.exe
    C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\CyberLink\PowerDVD\bak\DVDLauncher.exe
    C:\Program Files\Common Files\Siemens\S7ubtoox\S7ubtoox.exe
    C:\Program Files\Common Files\Siemens\Sqlany\dbsrv7.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
    O4 - HKLM\..\Run: [fca0d631] rundll32.exe "C:\WINDOWS\system32\csgyywfc.dll",b
    O4 - HKLM\..\Run: [{0D-D6-69-9E-ZN}] C:\Documents and Settings\Tim\Local Settings\Temp\T0CHD001.exe CHD001
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Paradyne ADSL Network Driver V2.3] C:\WINDOWS\netcfgx32.exe
    O4 - HKCU\..\Run: [Tair] "C:\DOCUME~1\Tim\MYDOCU~1\RACLE~1\alg.exe" -vt yazb
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.0_01\bin\npjpi140_01.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.0_01\bin\npjpi140_01.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1191689394187
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = jdclighting.com
    O17 - HKLM\Software\..\Telephony: DomainName = jdclighting.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{60027A13-E714-45CD-95CD-9703E51DE03F}: NameServer = 66.174.95.44 69.78.96.14
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = jdclighting.com
    O17 - HKLM\System\CS1\Services\Tcpip\..\{60027A13-E714-45CD-95CD-9703E51DE03F}: NameServer = 66.174.95.44 69.78.96.14
    O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
    O23 - Service: ArchestrA Logger (aaLogger) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\aaLogger.exe
    O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
    O23 - Service: FS Service Control - Wonderware Corporation - C:\Program Files\Common Files\ArchestrA\NTServApp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\S7BIN\s7asysvx.exe
    O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
    O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
    O23 - Service: Wonderware SuiteLink (slssvc) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\slssvc.exe
    O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - C:\Program Files\Venturi Client\Client\ventc.exe
    O23 - Service: Wonderware NetDDE Helper (WWNetDDE) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\wwnetdde.exe

    --
    End of file - 7426 bytes
  2. 2007-11-24, 00:53 #2
    timd32
    timd32 is offline
    Junior Member
    Join Date
    Nov 2007
    Location
    NJ
    Posts
    4

    Default

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Friday, November 23, 2007 7:35:41 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 23/11/2007
    Kaspersky Anti-Virus database records: 464719
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\

    Scan Statistics:
    Total number of scanned objects: 144358
    Number of viruses found: 25
    Number of infected objects: 254
    Number of suspicious objects: 0
    Duration of the scan process: 02:07:28

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\All Users\Application Data\ArchestrA\LogFiles\TIMD1195842637.aaLDX Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\ArchestrA\LogFiles\TIMD1195842637.aaLOG Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\Agent_TIMD.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\PrdMgr_TIMD.log Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\OnAccessScanLog.txt Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Tim\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Tim\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Tim\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Tim\Local Settings\History\History.IE5\MSHist012007112320071124\index.dat Object is locked skipped
    C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Tim\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Tim\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Common Files\Siemens\SWS\almsrv\almdb.ldb Object is locked skipped
    C:\Program Files\Common Files\Siemens\SWS\almsrv\almdb.mdb Object is locked skipped
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe Infected: Trojan-Downloader.Win32.Agent.awf skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\master.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\mastlog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\model.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\modellog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\tempdb.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Data\templog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\LOG\ERRORLOG Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\master.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\mastlog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\model.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\modellog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\msdbdata.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\msdblog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\tempdb.mdf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Data\templog.ldf Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\LOG\ERRORLOG Object is locked skipped
    C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\LOG\SQLAGENT.OUT Object is locked skipped
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe1177388478 Infected: Trojan-Downloader.Win32.Agent.awf skipped
    C:\Program Files\Venturi Client\Client\vent2.log Object is locked skipped
    C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.bak.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.z skipped
    C:\qoobox\Quarantine\C\WINDOWS\system32\a1\dnslook11.exe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
    C:\qoobox\Quarantine\C\WINDOWS\system32\fibagbia\fibagbia3.exe.vir Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped
    C:\qoobox\Quarantine\C\WINDOWS\system32\g2\bemwdll3.exe.vir Infected: Trojan-Downloader.Win32.Small.gll skipped
    C:\qoobox\Quarantine\catchme2007-11-22_225206.57.zip/ldcore.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\qoobox\Quarantine\catchme2007-11-22_225206.57.zip ZIP: infected - 1 skipped
    C:\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
    C:\SmitfraudFix.exe RarSFX: infected - 2 skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP399\A0099876.rbf Infected: Trojan-Downloader.Win32.Agent.awf skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112256.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112257.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112273.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112274.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112294.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112295.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112306.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP475\A0112308.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP476\A0112330.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP476\A0112331.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP476\A0112344.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP476\A0112345.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112365.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112366.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112375.rbf Infected: Trojan-Downloader.Win32.Agent.awf skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112380.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112381.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112442.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP477\A0112443.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112469.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112470.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112493.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112494.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112502.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112503.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112529.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112530.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112545.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112546.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112556.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112557.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112578.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP478\A0112579.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112606.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112607.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112618.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112619.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112647.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP479\A0112648.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0112663.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0112664.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0113646.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0113647.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0114646.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0114647.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0115648.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0115649.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116648.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116649.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116665.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116666.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116678.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116680.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116694.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0116695.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0117692.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP480\A0117693.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP481\A0117730.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP481\A0117731.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP481\A0117751.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
  3. 2007-11-24, 00:55 #3
    timd32
    timd32 is offline
    Junior Member
    Join Date
    Nov 2007
    Location
    NJ
    Posts
    4

    Default

    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP481\A0117752.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117818.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117819.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117841.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117842.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117852.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117853.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117870.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP482\A0117871.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117907.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117908.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117918.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117919.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117928.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117929.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117957.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP484\A0117958.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0117979.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0117980.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0117992.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0117993.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0118009.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP485\A0118010.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0118027.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0118028.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0118041.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0118042.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0119040.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0119041.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0120041.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP486\A0120042.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0120060.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0120061.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121060.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121061.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121073.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121074.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121089.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121090.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121103.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121104.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121239.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121240.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121252.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121253.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121280.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP487\A0121281.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121317.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121318.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121341.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121342.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121355.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP492\A0121356.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121442.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121443.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121460.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121461.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121486.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121487.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121499.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121500.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121515.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP494\A0121517.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121553.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121554.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121576.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121577.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121607.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121608.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121627.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121628.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121643.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121644.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121655.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121656.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121674.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0121675.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0122674.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP495\A0122675.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0123675.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0123676.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0123691.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0123692.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0124689.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0124690.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0125687.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0125688.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0125717.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP496\A0125718.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP497\A0125756.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP497\A0125758.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP497\A0125772.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP497\A0125773.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0125811.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
  4. 2007-11-24, 00:56 #4
    timd32
    timd32 is offline
    Junior Member
    Join Date
    Nov 2007
    Location
    NJ
    Posts
    4

    Default

    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0125812.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0126811.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0126812.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0126832.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP498\A0126833.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0126883.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0126884.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127881.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127882.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127897.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127898.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127910.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP499\A0127911.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0127927.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0127928.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0128929.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0128930.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0128981.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0128982.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0129977.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP500\A0129978.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130017.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130018.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130038.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130039.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130064.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130065.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130078.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0130079.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0131079.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0131080.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0131088.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP501\A0131089.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131135.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131136.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131155.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131156.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131167.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0131168.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0132168.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP502\A0132169.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP503\A0132337.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP503\A0132338.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP508\A0139591.exe Infected: Trojan-Downloader.Win32.Adload.ni skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP509\A0140033.exe Infected: not-a-virus:Monitor.Win32.NetMon.a skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP509\A0140034.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140136.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140534.exe Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140535.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140561.exe Infected: Trojan-Downloader.Win32.Agent.awf skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140562.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140565.exe Infected: Trojan.Win32.Agent.crf skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140573.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.z skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0140574.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP510\A0141547.dll Infected: Trojan.Win32.Dialer.qn skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP511\A0144526.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP511\A0144544.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0144554.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.ac skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0144577.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0145566.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.ac skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0146573.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147584.exe Infected: Trojan-Downloader.Win32.Small.gnk skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147592.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.ac skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147596.exe Infected: Trojan-Downloader.Win32.Small.gnk skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147598.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147600.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147656.exe Infected: not-a-virus:Dialer.Win32.Agent.r skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147670.exe Infected: not-a-virus:Downloader.Win32.WinFixer.au skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147672.exe/data0006 Infected: Trojan-Downloader.Win32.VB.bto skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0147672.exe NSIS: infected - 1 skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0148347.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0149370.exe Infected: not-a-virus:Downloader.Win32.UltimateFix.d skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0149376.exe Infected: Trojan-Downloader.Win32.Small.buy skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0149377.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP512\A0149381.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP519\A0151142.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP519\A0151143.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped
    C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP519\change.log Object is locked skipped
    C:\VundoFix Backups\efcbaxy.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.apx skipped
    C:\VundoFix Backups\eryjreee.dll.bad Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped
    C:\VundoFix Backups\wnvvstod.dll.bad Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped
    C:\WINDOWS\CSC\00000001 Object is locked skipped
    C:\WINDOWS\Debug\Netlogon.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\fsclient32.dll Infected: Backdoor.Win32.Rbot.ezy skipped
    C:\WINDOWS\mcithread.dll Infected: Trojan-Spy.Win32.Delf.ait skipped
    C:\WINDOWS\ModemLog_Novatel Wireless Merlin CDMA EV-DO Modem.txt Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\config\WinCCLog.evt Object is locked skipped
    C:\WINDOWS\system32\csgyywfc.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.aps skipped
    C:\WINDOWS\system32\efcbaxy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apx skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\urqrpnm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.arf skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\system32\xxxldcore.dll Infected: Trojan-Downloader.Win32.Small.gkh skipped
    C:\WINDOWS\TEMP\JETC5BC.tmp Object is locked skipped
    C:\WINDOWS\TEMP\Perflib_Perfdata_7a8.dat Object is locked skipped
    C:\WINDOWS\TEMP\Perflib_Perfdata_c0.dat Object is locked skipped
    C:\WINDOWS\VGlt\asappsrv.dll Infected: not-a-virus:AdWare.Win32.CommAd.a skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules