Page 3 of 6 FirstFirst 123456 LastLast
Results 21 to 30 of 51

Thread: another infection

  1. #21
    Security Expert: Emeritus Shaba's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,644

    Default

    Hi

    No.

    Do again a system restore.

    After that, make your hidden and system files visible -> http://www.xtra.co.nz/help/0,,4155-1916458,00.html

    Delete these manually:

    C:\WINDOWS\SYSTEM32\fueknnwm.ini
    C:\WINDOWS\SYSTEM32\hmnxctde.ini
    C:\WINDOWS\SYSTEM32\RCX315.tmp
    C:\WINDOWS\SYSTEM32\bfhgqssn.ini
    C:\WINDOWS\mrofinu572.exe.tmp
    C:\WINDOWS\SYSTEM32\xv2
    C:\WINDOWS\SYSTEM32\edcA01
    C:\WINDOWS\SYSTEM32\ap3
    C:\Temp\Ryuan1
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
    C:\Program Files\Messenger\msmsgs .exe

    After that:

    First we'll need to backup registry:

    Start -> Run -> regedit -> ok. Then File -> Export. Give it a name and press Save.

    Save text below as fix.reg on Notepad (save it as all files (*.*)) on Desktop

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Ktg"=-

    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqomjj]

    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aida]

    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service]

    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPS]

    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinTools]

    It should look like this ->

    Doubleclick fix.reg, press Yes and ok.

    (In case you are unsure how to create a reg file, take a look here with screenshots.)

    Reboot.

    Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
    1. Close all applications and windows.
    2. Double-click on dss.exe to run it, and follow the prompts.
    3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
    4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
    Last edited by Shaba; 2008-01-23 at 20:00.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  2. #22
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    i went to delete those files but couldnt find the following:
    C:\Temp\Ryuan1
    C:\WINDOWS\SYSTEM32\RCX315.tmp
    C:\WINDOWS\mrofinu572.exe.tmp

    I deleted the rest though.

    Here is extra.txt

    Deckard's System Scanner v20071014.68
    Extra logfile - please post this as an attachment with your post.
    --------------------------------------------------------------------------------

    -- System Information ----------------------------------------------------------

    Microsoft Windows XP Home Edition (build 2600) SP 2.0
    Architecture: X86; Language: English

    CPU 0: Intel(R) Pentium(R) 4 CPU 3.00GHz
    CPU 1: Intel(R) Pentium(R) 4 CPU 3.00GHz
    Percentage of Memory in Use: 38%
    Physical Memory (total/avail): 1022.98 MiB / 626.34 MiB
    Pagefile Memory (total/avail): 2463.73 MiB / 2094.43 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1937.68 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 145.5 GiB total, 58.5 GiB free.
    D: is CDROM (No Media)
    E: is CDROM (No Media)

    \\.\PHYSICALDRIVE0 - ST3160023AS - 149.05 GiB - 3 partitions
    \PARTITION0 - Unknown - 47.03 MiB
    \PARTITION1 (bootable) - Installable File System - 145.5 GiB - C:
    \PARTITION2 - Unknown - 3.5 GiB



    -- Security Center -------------------------------------------------------------

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.


    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    -- Environment Variables -------------------------------------------------------

    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\Documents and Settings\Tobi\Application Data
    CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
    CLIENTNAME=Console
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=SA1BOT
    ComSpec=C:\WINDOWS\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Tobi
    LOGONSERVER=\\SA1BOT
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0304
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TEMP=C:\DOCUME~1\Tobi\LOCALS~1\Temp
    TMP=C:\DOCUME~1\Tobi\LOCALS~1\Temp
    USERDOMAIN=SA1BOT
    USERNAME=Tobi
    USERPROFILE=C:\Documents and Settings\Tobi
    windir=C:\WINDOWS


    -- User Profiles ---------------------------------------------------------------

    Tobi (admin)


    -- Add/Remove Programs ---------------------------------------------------------

    --> "C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S /R
    --> C:\PROGRA~1\CALLOF~3\Uninstall\Unwise.exe /u C:\PROGRA~1\CALLOF~3\Uninstall\Install.log
    --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
    --> C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    --> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    --> C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    --> MsiExec /X{82D8304F-73D7-4EE6-8472-D0684BAA2865}
    --> MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
    --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
    --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
    Adobe Flash Player 9 --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
    Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
    Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
    AGEIA PhysX v7.05.06 --> MsiExec.exe /X{82D8304F-73D7-4EE6-8472-D0684BAA2865}
    Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
    Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
    ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    Azureus Vuze --> C:\Program Files\Azureus\uninstall.exe
    Battlefield 2 Standalone Demo Server --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6DC2B13F-9352-465D-9019-10966C97B1C0}\setup.exe" -l0x9 -removeonly
    Battlefield 2(TM) Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8BECF123-B0EF-4E51-B7F3-923EFE15CC4A}\setup.exe" -l0x9 -removeonly
    BitTorrent 5.0.9 --> "C:\Program Files\BitTorrent\uninstall.exe"
    Breaking50 Mod --> C:\Program Files\Call of Duty\Breaking50\Uninstal.exe
    Broadcom Advanced Control Suite --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{468190DA-FB4C-45BA-8E40-4B165FF1A939} /l1033
    Call of Duty Game of the Year Edition --> C:\PROGRA~1\CALLOF~3\Uninstall\Unwise.exe /u C:\PROGRA~1\CALLOF~3\Uninstall\Install.log
    Catalyst Registration --> MsiExec.exe /X{5E2691D1-9EDF-43E8-9CF2-E3DF6A17706E}
    CC_ccProxyMSI --> MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
    CC_ccStart --> MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
    ccCommon --> MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
    Classic PhoneTools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\setup.exe" -l0x9 ControlPanel
    Colin McRae Rally 04 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8718F95-21A1-44B9-97EC-679C93020BAE}\setup.exe" -l0x9
    Conflict Vietnam Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{239D8C0E-CF49-4D45-9C9C-E21674BC0342}\setup.exe" -l0x9
    CureROM Pro 1.3.1 --> C:\Program Files\CureROM\uninst.exe
    Deer Hunter - The 2005 Season --> "C:\Program Files\Atari\Deer Hunter 2005\unins000.exe"
    Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
    Dell Media Experience --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
    Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
    Dell Support --> MsiExec.exe /X{43FCA273-9534-40DB-B7C5-D7758875616A}
    DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Pro Trial --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Doom 3 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}
    GiPo@MoveOnBoot 1.9.5 --> MsiExec.exe /I{9F185C48-595B-401A-A1D6-AAB324890DC4}
    Half-Life: Counter-Strike --> C:\Sierra\COUNTE~1\UNWISE.EXE C:\Sierra\COUNTE~1\INSTALL.LOG
    HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
    IL-2 Sturmovik 1946 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{79438F1E-DEC3-443D-9DCD-FECE2D68C605} /l1033
    IL-2 Sturmovik Demo --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ubi Soft\IL-2 Sturmovik Demo\Uninst.isu"
    IL-2 Sturmovik: Forgotten Battles AEP --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{D2BBEABB-A8DF-4451-A7C4-63C87B31E325} /l1033
    Intel(R) 537EP V9x DFV PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel(R) 537EP V9x DFV PCI Modem"
    Intel(R) PRO Network Adapters and Drivers --> Prounstl.exe
    Intel(R) PROSet --> MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
    iTunes --> MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
    Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
    Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
    Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
    Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
    LimeWire --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{69654736-1026-4728-A78E-BA45DF993BAE}
    LimeWire 4.9.33 --> "C:\Program Files\LimeWire\uninstall.exe"
    LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    LiveUpdate 2.5 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
    Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x9 UNINSTALL -removeonly
    Logitech MouseWare 9.77 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\SETUP.EXE" -l0x9 -l0009 UNINSTALL
    Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
    Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
    Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
    Microsoft Encarta Encyclopedia Standard 2004 --> MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
    Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
    Modem Event Monitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9
    Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
    Modem On Hold --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
    Morgan Stream Switcher --> "C:\Program Files\Morgan\mmswitch\uninst.exe"
    Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSRedist --> MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
    MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Norton AntiSpam --> MsiExec.exe /I{3B29A786-5803-4e9e-9B58-3014A5B4E519}
    Norton AntiSpam --> MsiExec.exe /I{5677563D-0CB1-485f-9E18-C5025306BB3F}
    Norton AntiVirus --> MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
    Norton Internet Security --> MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
    Norton Internet Security --> MsiExec.exe /I{449F3A9E-9903-4a0d-A209-08030D45A935}
    Norton Internet Security --> MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
    Norton Internet Security --> MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
    Norton Internet Security --> MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
    Norton Internet Security --> MsiExec.exe /I{A93C9E60-29B6-49da-BA21-F70AC6AADE20}
    Norton Internet Security --> MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
    Norton Internet Security --> MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
    Norton Internet Security --> MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
    Norton Internet Security --> MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
    Norton Internet Security (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe /X
    Norton WMI Update --> MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
    OSP for Quake3 1.03 --> MsiExec.exe /X{337FE904-145E-4975-8C76-ED26FC8E1C8B}
    Painkiller --> C:\WINDOWS\unvise32.exe C:\Program Files\DreamCatcher\Painkiller\uninstal.log
    Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
    PowerDVD 5.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    Quake III Arena --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Quake III Arena\QIII.isu"
    Quake III Arena Point Release 1.32 --> C:\WINDOWS\unvise32.exe C:\Program Files\Quake III Arena\uninstal5.log
    QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
    Rappelz_USA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}\setup.exe" -l0x9 -removeonly
    RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Red Alert Windows 95 --> C:\WINDOWS\RAUNINST.EXE C:\WINDOWS\UNINST.EXE -fC:\WESTWOOD\REDALERT\DeIsL1.isu
    Registry Mechanic --> "C:\Program Files\Registry Mechanic\unins000.exe"
    Rocket Arena 3 1.76 (remove only) --> "C:\Program Files\Quake III Arena\arena\uninstall.exe"
    Rome - Total War(TM) --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB} /l1033 /x
    Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
    Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
    Serious Sam: The Second Encounter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}\Setup.exe" -l0x9

  3. #23
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    continued:

    Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
    Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    Sound Blaster Live! --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\setup.exe" -l0x9
    Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
    Steam --> C:\PROGRA~1\Steam\UNWISE.EXE C:\PROGRA~1\Steam\INSTALL.LOG
    SWAT 4 Multiplayer Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{061126FC-5424-41BA-8D05-3C30C0F153C7} uninstall
    SWAT 4 Single Player Demo --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{F2CA85EF-D86E-4F4C-99E7-8ED7AA18E7B8} uninstall
    Symantec Script Blocking Installer --> MsiExec.exe /I{D327AFC9-7BAA-473A-8319-6EB7A0D40138}
    TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
    Thief - Deadly Shadows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC123EEA-330A-4685-911C-95B8F5E9DE68}\Setup.exe" -l0x9
    Threewave 1.6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11CAA479-DD6E-4BD8-92F6-C0F98FD6370C}\Setup.exe" -l0x9 UNINSTALL
    ubi.com --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x9 UNINSTALL-L0x9 -uninst
    Ulead GIF Animator 5 TBYB --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8AF3E926-ED59-11D4-A44B-0000E86D2305}\Setup.exe" -l0x9
    Uninstall Startup Inspector --> "C:\Program Files\Startup Inspector for Windows\unins000.exe"
    Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
    Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
    Westwood Shared Internet Components --> c:\westwood\internet\UninstAP.EXE
    Windows Driver Package - Microsoft WPD (12/01/2006 1.2.0.0) --> rundll32.exe C:\PROGRA~1\DIFX\F78795BBB376EE09\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\Zune_C6317AD6BF989B5AA21DD2422BEA915EC068CA80\Zune.inf
    Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
    Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
    Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
    WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
    XBCD 1.07 --> C:\Program Files\XBCD\uninst.exe
    XviD MPEG-4 Codec --> "C:\Program Files\XviD\UninstXviD.exe"

    -- Application Event Log -------------------------------------------------------

    Event Record #/Type8004 / Error
    Event Submitted/Written: 01/23/2008 00:48:23 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application cscript.exe, version 5.6.0.8820, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Event Record #/Type8003 / Error
    Event Submitted/Written: 01/23/2008 00:48:20 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application cscript.exe, version 5.6.0.8820, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Event Record #/Type7954 / Error
    Event Submitted/Written: 01/22/2008 11:29:49 AM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application msnmsgr .exe, version 8.1.178.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Event Record #/Type7945 / Error
    Event Submitted/Written: 01/21/2008 04:34:11 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application notepad.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Event Record #/Type7944 / Error
    Event Submitted/Written: 01/21/2008 04:34:08 PM
    Event ID/Source: 1002 / Application Hang
    Event Description:
    Hanging application notepad.exe, version 5.1.2600.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.



    -- Security Event Log ----------------------------------------------------------

    No Errors/Warnings found.


    -- System Event Log ------------------------------------------------------------

    Event Record #/Type8507 / Error
    Event Submitted/Written: 01/24/2008 01:21:37 PM
    Event ID/Source: 7000 / Service Control Manager
    Event Description:
    The SAVRT service failed to start due to the following error:
    %%31

    Event Record #/Type8503 / Error
    Event Submitted/Written: 01/24/2008 01:21:37 PM
    Event ID/Source: 6 / SAVRT
    Event Description:
    Incompatible version of SYMEVENT.SYS is loaded.

    Event Record #/Type8502 / Error
    Event Submitted/Written: 01/24/2008 01:21:36 PM
    Event ID/Source: 7026 / Service Control Manager
    Event Description:
    The following boot-start or system-start driver(s) failed to load:
    SAVRT

    Event Record #/Type8501 / Error
    Event Submitted/Written: 01/24/2008 01:21:36 PM
    Event ID/Source: 7024 / Service Control Manager
    Event Description:
    The Symantec Network Proxy service terminated with service-specific error 4294967295 (0xFFFFFFFF).

    Event Record #/Type8499 / Error
    Event Submitted/Written: 01/24/2008 01:20:05 PM
    Event ID/Source: 7001 / Service Control Manager
    Event Description:
    The SAVScan service depends on the SAVRT service which failed to start because of the following error:
    %%31



    -- End of Deckard's System Scanner: finished at 2008-01-24 13:23:35 ------------


    main.txt:

    Deckard's System Scanner v20071014.68
    Run by Tobi on 2008-01-24 13:22:02
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.


    -- Last 5 Restore Point(s) --
    108: 2008-01-24 19:22:13 UTC - RP230 - Deckard's System Scanner Restore Point
    107: 2008-01-24 18:58:33 UTC - RP229 - Restore Operation
    106: 2008-01-24 18:33:59 UTC - RP228 - ComboFix created restore point
    105: 2008-01-24 18:26:28 UTC - RP227 - Restore Operation
    104: 2008-01-24 16:45:14 UTC - RP226 - ComboFix created restore point


    -- First Restore Point --
    1: 2008-01-23 18:33:29 UTC - RP123 - System Checkpoint


    Performed disk cleanup.



    -- HijackThis (run as Tobi.exe) ------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:22, on 2008-01-24
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Tobi\Desktop\dss(2).exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Tobi.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
    R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {8696DEF5-ADE1-4839-9E1B-696F5F66567C} - \
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe" -startup
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CatalystRegistration] "C:\Program Files\ATI\CatalystRegistration\dolce.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent .exe" --force_start_minimized
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab57213.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - C:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

  4. #24
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    continued:

    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O24 - Desktop Component 0: (no name) - http://hp.msn.com/c/home/flight/1px-nav.gif
    O24 - Desktop Component 1: (no name) - http://bc.sc.msn.ca/c/home/nip_bk.jpg
    O24 - Desktop Component 2: (no name) - http://64.4.61.250/cgi-bin/getmsg/IM...2341528d3a468a
    O24 - Desktop Component 3: (no name) - http://by102fd.bay102.hotmail.msn.co...in=hotmail.com
    O24 - Desktop Component 4: (no name) - http://64.4.61.250/cgi-bin/getmsg/IM...71df265e836201
    O24 - Desktop Component 5: (no name) - http://64.4.61.250/cgi-bin/getmsg/IM...e8eee93bf6d571

    --
    End of file - 11528 bytes

    -- File Associations -----------------------------------------------------------

    All associations okay.


    -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

    R0 agp440 (Intel AGP Bus Filter) - c:\windows\\systemroot\system32\drivers\agp440.sys (file missing)
    R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
    R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
    R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
    R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
    R1 oreans32 - c:\windows\system32\drivers\oreans32.sys

    S3 dtscsi - c:\windows\system32\drivers\dtscsi.sys (file missing)
    S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
    S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
    S3 jswmidin - c:\docume~1\tobi\locals~1\temp\jswmidin.sys (file missing)
    S3 SDTHOOK - c:\windows\system32\drivers\sdthook.sys <Not Verified; Panda Software; Panda® Antivirus>
    S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
    S3 XBCD (XBCD Kernel Module) - c:\windows\system32\drivers\xbcd.sys <Not Verified; Redcl0ud; XBCD>


    -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

    R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

    S3 MSControlService (Microsoft cache control) - c:\windows\system32\windows (file missing)
    S3 NetSvc (Intel NCS NetService) - c:\program files\intel\ncs\sync\netsvc.exe (file missing)


    -- Device Manager: Disabled ----------------------------------------------------

    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMHL-DT-ST_RW/DVD_GCC-4481B_______________E106____\5&33FCAB6&0&0.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: HL-DT-ST RW/DVD GCC-4481B
    PNP Device ID: IDE\CDROMHL-DT-ST_RW/DVD_GCC-4481B_______________E106____\5&33FCAB6&0&0.0.0
    Service: cdrom


    -- Scheduled Tasks -------------------------------------------------------------

    2008-01-24 11:37:23 366 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
    2008-01-21 10:30:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    -- Files created between 2007-12-24 and 2008-01-24 -----------------------------

    2008-01-24 09:49:47 10854400 --a------ C:\Documents and Settings\Tobi\ntuser.dat
    2008-01-20 22:37:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-20 20:11:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-01-20 20:11:10 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-01-20 18:39:15 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
    2008-01-20 18:19:08 0 d-------- C:\Program Files\Trend Micro
    2008-01-20 18:17:22 0 d-------- C:\WINDOWS\system32\ActiveScan
    2008-01-19 13:51:57 0 d-------- C:\VundoFix Backups
    2008-01-14 21:21:28 0 d-------- C:\Temp
    2007-12-31 16:11:35 0 d-------- C:\Program Files\Robster Productions
    2007-12-27 18:48:54 0 d-------- C:\Program Files\iPod
    2007-12-27 18:48:49 0 d-------- C:\Program Files\iTunes
    2007-12-27 18:34:34 0 d-------- C:\WINDOWS\system32\NtmsData


    -- Find3M Report ---------------------------------------------------------------

    2008-01-24 13:13:55 0 d-------- C:\Program Files\Messenger
    2008-01-24 07:37:19 0 d-------- C:\Program Files\Common Files\Symantec Shared
    2008-01-23 13:49:15 0 d-------- C:\Program Files\Common Files
    2008-01-23 13:48:56 0 d-------- C:\Program Files\Spyware Doctor
    2008-01-23 13:48:56 0 d-------- C:\Program Files\QuickTime
    2008-01-23 13:48:44 0 d-------- C:\Program Files\MSN Messenger
    2008-01-23 13:48:43 0 d-------- C:\Program Files\DAEMON Tools
    2008-01-23 13:48:33 0 d-------- C:\Program Files\BitTorrent
    2008-01-23 12:39:10 0 d-------- C:\Documents and Settings\Tobi\Application Data\BitTorrent
    2008-01-21 15:42:01 0 d-------- C:\Program Files\Windows Live Toolbar
    2008-01-21 13:56:00 0 d-------- C:\Program Files\Call of Duty Game of the Year Edition
    2008-01-21 11:57:24 0 d-------- C:\Program Files\Steam
    2008-01-20 21:53:02 0 d-------- C:\Program Files\Java
    2008-01-16 12:56:44 0 d-------- C:\Program Files\XBCD
    2008-01-15 16:18:44 0 d-------- C:\Program Files\Common Files\Groove Games Shared
    2008-01-14 14:04:12 0 d-------- C:\Documents and Settings\Tobi\Application Data\Azureus
    2008-01-01 03:46:59 0 d-------- C:\Program Files\Azureus
    2007-12-27 21:33:13 0 d-------- C:\Documents and Settings\Tobi\Application Data\Apple Computer
    2007-12-27 18:46:35 0 d-------- C:\Program Files\Apple Software Update
    2007-12-24 18:17:40 4096 --a------ C:\WINDOWS\system32\crash
    2007-12-20 23:17:20 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2007-12-20 20:01:55 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
    2007-12-18 22:08:01 0 d-------- C:\Documents and Settings\Tobi\Application Data\ATI
    2007-12-18 22:05:56 0 d-------- C:\Program Files\ATI Technologies
    2007-12-18 20:34:26 0 d-------- C:\Program Files\ATI
    2007-12-17 20:18:02 0 d-------- C:\Program Files\Activision
    2007-12-17 19:54:30 0 d-------- C:\Program Files\Mount&Blade
    2007-12-17 19:19:36 0 d-------- C:\Program Files\Diablo II
    2007-12-17 13:50:24 0 d-------- C:\Program Files\Atari
    2007-12-10 11:53:10 0 d-------- C:\Documents and Settings\Tobi\Application Data\Media Player Classic
    2007-11-01 21:05:00 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>


    -- Registry Dump ---------------------------------------------------------------

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8696DEF5-ADE1-4839-9E1B-696F5F66567C}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" []
    "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe" []
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 23:25 C:\WINDOWS\KHALMNPR.Exe]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" []
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" []
    "CatalystRegistration"="C:\Program Files\ATI\CatalystRegistration\dolce.exe" []
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" []
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" []
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" []
    "SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" []
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" []
    "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" []
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" []
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" []
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent .exe" []
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" []

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Symantec NetDriver Warning"=C:\PROGRA~1\SYMNET~1\SNDWarn.exe

    C:\Documents and Settings\Tobi\Start Menu\Programs\Startup\
    DESKTOP.INI [2002-09-03 08:00:00]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    DESKTOP.INI [2002-09-03 08:00:00]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    @=

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
    "C:\Program Files\D-Tools\daemon.exe" -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
    C:\WINDOWS\system32\dla\tfswctrl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
    C:\WINDOWS\kdx\KHost.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    Logi_MwX.Exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
    "C:\Program Files\Dell\Media Experience\PCMService.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\qttask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
    C:\Program Files\Norton Internet Security\UrlLstCk.exe




    -- End of Deckard's System Scanner: finished at 2008-01-24 13:23:35 ------------

  5. #25
    Security Expert: Emeritus Shaba's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,644

    Default

    Hi

    Open HijackThis, click do a system scan only and checkmark this:

    O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\WINDOWS\system32\windows (file missing)

    Close all windows including browser and press fix checked.

    Reboot.

    Re-scan with kaspersky.

    Post:

    - a fresh HijackThis log
    - kaspersky report
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  6. #26
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    kaspersky:

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    2008-01-25 05:57
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 24/01/2008
    Kaspersky Anti-Virus database records: 530110
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan Statistics:
    Total number of scanned objects: 149627
    Number of viruses found: 13
    Number of infected objects: 589
    Number of suspicious objects: 0
    Duration of the scan process: 01:53:06

    Infected Object Name / Virus Name / Last Action
    C:\Deckard\System Scanner\20080121142904\backup\DOCUME~1\Tobi\LOCALS~1\Temp\b136.exe/stream/data0002 Infected: Trojan-Dropper.Win32.Agent.bfr skipped
    C:\Deckard\System Scanner\20080121142904\backup\DOCUME~1\Tobi\LOCALS~1\Temp\b136.exe/stream/data0004 Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\Deckard\System Scanner\20080121142904\backup\DOCUME~1\Tobi\LOCALS~1\Temp\b136.exe/stream Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\Deckard\System Scanner\20080121142904\backup\DOCUME~1\Tobi\LOCALS~1\Temp\b136.exe NSIS: infected - 3 skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\cert8.db Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\history.dat Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\key3.db Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\parent.lock Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\search.sqlite Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Mozilla\Firefox\Profiles\default.ojx\urlclassifier2.sqlite Object is locked skipped
    C:\Documents and Settings\Tobi\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv74.jar-170b188f-790ea76f.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
    C:\Documents and Settings\Tobi\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv74.jar-170b188f-790ea76f.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
    C:\Documents and Settings\Tobi\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv74.jar-170b188f-790ea76f.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
    C:\Documents and Settings\Tobi\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv74.jar-170b188f-790ea76f.zip ZIP: infected - 3 skipped
    C:\Documents and Settings\Tobi\Cookies\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\Tobi\Desktop\woot\everythingfuc\Incomplete\T-4183220-03 Track 3.wma Infected: Trojan-Downloader.WMA.Wimad.k skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Mozilla\Firefox\Profiles\default.ojx\Cache\_CACHE_001_ Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Mozilla\Firefox\Profiles\default.ojx\Cache\_CACHE_002_ Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Mozilla\Firefox\Profiles\default.ojx\Cache\_CACHE_003_ Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Application Data\Mozilla\Firefox\Profiles\default.ojx\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\History\History.IE5\MSHist012008012520080126\index.dat Object is locked skipped
    C:\Documents and Settings\Tobi\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Tobi\ntuser.dat Object is locked skipped
    C:\Documents and Settings\Tobi\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
    C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
    C:\QooBox\Quarantine\C\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\ATI\CatalystRegistration\dolce.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\BitTorrent\bittorrent.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\issch.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Common Files\Real\Update_OB\realsched.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\CyberLink\PowerDVD\DVDLauncher.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\DAEMON Tools\daemon.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\iTunes\iTunesHelper.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Java\jre1.6.0_03\bin\jusched.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\MSN Messenger\msnmsgr.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Spybot - Search & Destroy\TeaTimer.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\Program Files\Spyware Doctor\pctsTray.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\mrofinu572.exe.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\catkprle.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX315.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX7E.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX7F.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX80.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCXB0.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vbfgjfqg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vtsqn.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\QooBox\Quarantine\catchme2008-01-23_135245.40.zip/catkprle.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\QooBox\Quarantine\catchme2008-01-23_135245.40.zip ZIP: infected - 1 skipped
    C:\RECYCLER\S-1-5-18\Dc17\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc18\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc19\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc20\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc21\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc22\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc23\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\RECYCLER\S-1-5-18\Dc24\system.dll Infected: not-a-virus:AdWare.Win32.Mostofate.u skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP182\A0062496.exe Infected: Trojan-Downloader.Win32.Delf.ctz skipped

  7. #27
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP182\A0062497.exe Infected: Trojan-Downloader.Win32.Delf.ctz skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP182\A0062498.exe Infected: Trojan-Downloader.Win32.Delf.ctz skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP182\A0062499.exe Infected: Trojan-Downloader.Win32.Delf.ctz skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068127.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068128.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068129.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068130.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068131.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068132.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068133.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068134.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068135.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068136.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068137.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068138.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068139.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068140.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068141.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068147.exe/data0001 Infected: not-a-virus:AdWare.Win32.PurityScan.gp skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068147.exe NSIS: infected - 1 skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0068148.exe Infected: Trojan-Downloader.Win32.PurityScan.fg skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069027.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069030.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069031.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069032.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069033.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069034.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069035.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069036.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069037.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069039.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069097.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069098.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069100.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069102.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069104.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069105.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069109.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069111.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069112.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069114.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069115.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069116.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069137.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0069142.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070160.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070161.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070162.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070163.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070164.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070165.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070166.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070167.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070168.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070169.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070170.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070171.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070172.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070173.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070174.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP214\A0070176.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070192.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070193.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070194.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070196.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070197.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070199.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070200.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070201.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070202.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070203.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070204.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070205.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070206.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0070207.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070274.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070275.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070276.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070277.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070278.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070279.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070280.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070281.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070282.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070283.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070284.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070285.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070286.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070287.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070288.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070289.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070295.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070303.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070316.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070317.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070318.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070319.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070320.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070321.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070322.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070323.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070325.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070326.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070329.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070330.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070331.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070353.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070354.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070355.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070357.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070359.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070361.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070362.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070363.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070364.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070365.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070366.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070367.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP216\A0070368.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071353.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

  8. #28
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071354.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071356.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071357.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071358.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071359.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071360.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071361.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071362.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071363.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071364.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071365.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071366.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071367.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071368.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071374.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071375.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071376.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071377.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071387.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071389.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071390.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071392.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071393.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071395.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071396.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071397.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071398.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071399.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071400.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071401.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071402.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071422.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071423.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071425.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071426.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071427.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071428.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071429.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071430.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071431.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071432.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071433.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071434.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071435.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071436.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071437.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071462.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071463.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071465.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071466.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071469.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071470.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071471.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071472.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071473.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071474.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071475.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071476.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP218\A0071504.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071554.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071561.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071562.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071563.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071564.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071565.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071566.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071568.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071569.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071570.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071571.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071572.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071573.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071574.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071575.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0071578.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072573.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072574.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072576.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072578.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072579.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072580.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072582.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072583.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072584.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072585.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072587.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072588.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072589.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072590.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072613.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072614.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072616.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072618.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072619.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072621.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072622.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072624.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072626.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072627.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072628.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0072629.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073600.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073602.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073603.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073604.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073605.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073606.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073607.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073608.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073609.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073610.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073611.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073612.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073613.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073614.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073615.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

  9. #29
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073616.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073622.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073625.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073627.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073628.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073630.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073631.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073632.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073633.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073634.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073635.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073636.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073637.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073638.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073639.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073640.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073659.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073660.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073662.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073664.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073665.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073667.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073671.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073674.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073675.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073677.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073678.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073681.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073696.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073697.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073699.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073700.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073701.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073702.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073704.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073705.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073707.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073710.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073711.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073713.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073714.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0073716.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074707.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074709.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074711.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074712.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074714.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074715.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074716.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074717.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074719.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074721.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074722.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0074723.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075697.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075708.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075710.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075711.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075712.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075713.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075714.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075715.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075716.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075717.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075718.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075719.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075720.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075721.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP219\A0075722.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075765.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075766.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075769.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075772.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075774.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075776.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075777.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075778.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075780.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0075782.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076754.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076756.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076757.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076758.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076760.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076761.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076763.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076764.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076767.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076768.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076770.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076771.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076772.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076776.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076777.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0076859.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP220\A0077010.exe Infected: Trojan-Downloader.Win32.Agent.haq skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077138.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077770.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077771.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077772.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077773.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077774.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077776.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077777.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077778.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077780.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077781.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077782.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077783.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077784.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077809.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077814.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077817.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077818.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077819.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077823.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077824.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077825.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

  10. #30
    Junior Member
    Join Date
    Jan 2008
    Posts
    29

    Default

    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077852.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077856.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077857.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077858.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077859.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077860.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077861.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077862.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077863.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077864.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077865.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077866.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077867.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077868.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077869.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077889.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077897.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077900.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077901.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077902.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077903.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077904.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077905.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077906.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077907.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077908.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077909.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077910.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077911.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0077912.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078895.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078897.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078898.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078899.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078900.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078902.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078903.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078905.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078906.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078907.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078908.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078909.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078910.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078911.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078943.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078946.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078947.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078948.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078949.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078950.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078951.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078952.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078953.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078954.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078955.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078956.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP221\A0078957.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0078965.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0078966.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0078967.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0078968.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079943.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079945.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079946.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079947.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079948.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079949.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079950.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079951.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079952.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079953.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079954.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079955.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079956.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0079997.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080000.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080001.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080002.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080003.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080004.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080005.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080006.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080007.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080008.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080009.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080010.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080011.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080012.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080013.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080014.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080015.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080016.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080017.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080018.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080019.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080020.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080021.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080022.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080023.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080024.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080025.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080026.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080027.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080028.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080029.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080030.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080031.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080032.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080033.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080034.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080035.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080036.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080037.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080039.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080041.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080043.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080044.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080047.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP222\A0080049.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP234\change.log Object is locked skipped
    C:\VundoFix Backups\cegpicwe.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\VundoFix Backups\dnnmpfrg.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\VundoFix Backups\gdvuggsg.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\VundoFix Backups\kukbpkfn.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
    C:\VundoFix Backups\vtsqn.exe.bad Infected: Trojan-Dropper.Win32.Agent.dgo skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\ACEEvent.evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
    C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys Object is locked skipped
    C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •