PDA

View Full Version : Infected, requesting for help!



richardt
2007-12-15, 20:42
Hello.

My computer has been recently working fine thanks to Shaba being so helpful to me. But earlier, my friend came over and came across a site that somehow has given me problems on my PC. Lots of pop-ups are occuring now, and the PC is becoming slow. I've used Spybot S&D and it cured some problems, but not all. So I am looking for help to get rid of whatever's on my pc completely.

Thanks!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:37:17 PM, on 12/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\mrofinu72.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ASEMBL~1\spool32.exe
C:\Program Files\QdrModule\QdrModule10.exe
C:\Program Files\?ystem\??rvices.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\richardt.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.bellsouth.net/
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BndShell3 BHO Class - {875A1348-7674-42aa-ADAC-B4F36A004A2D} - C:\Program Files\QdrDrive\QdrDrive8.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B2ABA930-35AE-3A5C-8B27-38E678815C92} - C:\WINDOWS\system32\kota.dll
O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\cbxvuuv.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D8C685B2-242D-4605-BE25-9C28D75F4105} - C:\WINDOWS\system32\ssqrs.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu72.exe 61A847B5BBF72815308B2B27128065E9C084320161C4661227A755E9C2933154389A
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Srro] "C:\WINDOWS\system32\ASEMBL~1\spool32.exe" -vt yazb
O4 - HKCU\..\Run: [QdrModule10] "C:\Program Files\QdrModule\QdrModule10.exe"
O4 - HKCU\..\Run: [Jpukjfjm] "C:\Program Files\?ystem\??rvices.exe"
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1196741856218
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: cbxvuuv - cbxvuuv.dll (file missing)

--
End of file - 6532 bytes

richardt
2007-12-15, 20:59
Ahh, it's getting worse. I tried opening up my Task Manager, and it says "Task Manager has been disabled by your administrator." Internet's having problems too.

richardt
2007-12-16, 15:32
Kasper Sky Log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
2007-12-15 19:30
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 16/12/2007
Kaspersky Anti-Virus database records: 483614
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 454462
Number of viruses found: 28
Number of infected objects: 208
Number of suspicious objects: 4
Duration of the scan process: 03:20:37

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\65d7a352659b0547cea5ef1b944cc3dd_a7e8d55f-6fa0-45dd-bbf6-061ff43031bd Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\89806886eb2e704a815163b3cd4c2de0_a7e8d55f-6fa0-45dd-bbf6-061ff43031bd Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c10f28867ef6747ab127b06617886c67_a7e8d55f-6fa0-45dd-bbf6-061ff43031bd Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdBreak10.zip/hcwprn.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdBreak10.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdBreak12.zip/kvnab.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\AdBreak12.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip/qbthlnqq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip/xtwsxiua.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde2.zip/wdsrhfrf.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde3.zip/jebpcyxo.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumonde3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll.zip/cbxvuuv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apn skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll1.zip/cbxvuuv.dll_old Infected: not-a-virus:AdWare.Win32.Virtumonde.apn skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll2.zip/cbxvuuv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apn skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\VirtumondeDll2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric.zip/mcoerunm.dll Infected: Trojan.Win32.BHO.hj skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric1.zip/mcoerunm.dll_old Infected: Trojan.Win32.BHO.hj skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric10.zip/cuajfdwl.dll Infected: Trojan.Win32.BHO.o skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric10.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric11.zip/ssqqrqp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric11.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric2.zip/nkwtjrfj.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric3.zip/pioeptwb.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric37.zip/ssqqrqp.dll_old Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric37.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric4.zip/yehmjjuk.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric4.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric5.zip/xcesnqds.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric5.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric6.zip/buwtigmy.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric6.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric7.zip/adwkqthf.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric7.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric8.zip/bviksiet.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric8.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric9.zip/dprktoly.dll Infected: Trojan.Win32.BHO.g skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Virtumondegeneric9.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah.zip/vvqmtedy.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah1.zip/vdyluerg.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah10.zip/eypcvkwc.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah10.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah11.zip/ejtswold.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah11.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah12.zip/bsgyqewq.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah12.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah13.zip/afmypxrn.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah13.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah2.zip/uwgthhen.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah3.zip/tsetsima.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah4.zip/shfbcfvu.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah4.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah5.zip/rqwdqckq.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah5.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah6.zip/mcugyqfl.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah6.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah7.zip/klkiwvub.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah7.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah8.zip/jryygnbx.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah8.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah9.zip/ihxhiqcg.dll Infected: Trojan.Win32.BHO.bd skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinConHookah9.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat.zip/xwryrhgw.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat1.zip/xcstmopo.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat10.zip/ulqetwbm.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat10.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat11.zip/uasxllgb.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat11.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat12.zip/tvdusbnn.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat12.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat13.zip/tupwpvdy.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat13.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat14.zip/tksvxqrw.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat14.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat15.zip/skgvxxul.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat15.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat16.zip/siwyskpp.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat16.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat17.zip/rqmsqsnf.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat17.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat18.zip/rqhpnnic.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat18.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat19.zip/qneadafk.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat19.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat2.zip/wwmxwfxg.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat2.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat20.zip/qjslvohy.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat20.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat21.zip/pmcfiedf.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat21.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat22.zip/oropatlh.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat22.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat23.zip/oibfqmpk.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat23.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat24.zip/nvgqgjgc.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat24.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat25.zip/ngxglfae.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat25.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat26.zip/nbdpjoqv.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat26.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat27.zip/mmigbscj.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat27.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat28.zip/ljrpqlvi.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat28.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat29.zip/kmhxutvv.dll Infected: Trojan-Spy.Win32.Agent.ps skipped

richardt
2007-12-16, 15:33
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat29.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat3.zip/wiakyjlj.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat3.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat30.zip/kdqlcpal.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat30.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat31.zip/jopgbocx.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat31.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat32.zip/jcrovjbv.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat32.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat33.zip/idkmqfej.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat33.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat34.zip/hucgtvsg.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat34.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat35.zip/hmcobglr.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat35.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat36.zip/hjypgmvt.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat36.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat37.zip/gohmdfgk.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat37.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat38.zip/febuiycl.dll Infected: Trojan-Spy.Win32.Agent.ps skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat38.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat39.zip/efmgnywl.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat39.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat4.zip/wciepebf.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat4.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat40.zip/dwhjuixb.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat40.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat41.zip/dkcfwltq.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat41.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat42.zip/dfkxtbbl.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat42.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat43.zip/ctrcblbv.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat43.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat44.zip/ccmujpji.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat44.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat45.zip/brbmfwqf.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat45.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat46.zip/anvuqifn.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat46.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat47.zip/abtbtqfd.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat47.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat48.zip/abdhuksn.dll Infected: Trojan-Spy.Win32.VBStat.d skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat48.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat5.zip/wchafpgw.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat5.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat6.zip/vvgyamre.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat6.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat7.zip/vlijxpfv.dll Infected: Trojan-Spy.Win32.VBStat.e skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat7.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat8.zip/vetnbkfu.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat8.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat9.zip/upshqynk.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinVBStat9.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle1.zip/Yazzle1552OinAdmin.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\Yazzle1.zip ZIP: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZenoSearch.zip/ovdfbdmy.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZenoSearch.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\cert8.db Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\history.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\key3.db Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\parent.lock Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Desktop\catchme.zip/symavc32.sys Infected: Rootkit.Win32.Agent.qz skipped
C:\Documents and Settings\Compaq_Owner\Desktop\catchme.zip/PagingSYS.sys Infected: Backdoor.Win32.IRCBot.avf skipped
C:\Documents and Settings\Compaq_Owner\Desktop\catchme.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\hi-richie@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\hi-richie@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\gbusf79g.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012007121520071216\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF14C2.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF155B.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF955.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DF97D.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\ntuser.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\wbug\CompaqPresario_Spring06.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
C:\hp\bin\wbug\CompaqPresario_Spring06.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
C:\hp\bin\wbug\CompaqPresario_Spring06.exe WiseSFX: infected - 2 skipped
C:\hp\bin\wbug\CompaqPresario_Spring06.exe WiseSFXDropper: infected - 2 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.617 skipped
C:\qoobox\Quarantine\C\Program Files\ISM\ism.exe.vir Infected: not-a-virus:AdWare.Win32.Agent.vv skipped
C:\qoobox\Quarantine\C\Program Files\Outerinfo\FF\components\FF.dll.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped
C:\qoobox\Quarantine\C\Program Files\QdrDrive\QdrDrive8.dll.vir Infected: not-a-virus:AdWare.Win32.AdBand.e skipped
C:\qoobox\Quarantine\C\WINDOWS\mrofinu72.exe.vir Infected: Trojan-Downloader.Win32.Agent.gat skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\kota.dll.vir Infected: not-a-virus:AdWare.Win32.PurityScan.gl skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP31\A0012220.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apn skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP33\A0012249.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.apn skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012355.exe Infected: Trojan.Win32.VB.azo skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012423.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012429.exe Infected: Trojan.Win32.VB.azo skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012490.exe Infected: Trojan.Win32.VB.azo skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012491.exe Infected: Trojan-Downloader.Win32.Agent.gat skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012494.dll Infected: not-a-virus:AdWare.Win32.PurityScan.gl skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012498.dll Infected: not-a-virus:AdWare.Win32.AdBand.e skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012510.exe Infected: not-a-virus:AdWare.Win32.Agent.vv skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\A0012515.dll Infected: not-a-virus:AdWare.Win32.ZenoSearch.ad skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.b skipped
C:\WINDOWS\fkwggshm.exe Infected: Trojan.Win32.VB.azo skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\system32\drivers\Wfy39.sys Infected: Rootkit.Win32.Agent.qz skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\wineuzl.exe Infected: Trojan-Spy.Win32.Zbot.xe skipped
C:\winiler.exe Infected: Trojan-Downloader.Win32.VB.bwb skipped
C:\winmuqf.exe Infected: Trojan-Downloader.Win32.VB.bwb skipped
D:\I386\Apps\APP32073\src\CompaqPresario_Spring06.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
D:\I386\Apps\APP32073\src\CompaqPresario_Spring06.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
D:\I386\Apps\APP32073\src\CompaqPresario_Spring06.exe WiseSFX: infected - 2 skipped
D:\I386\Apps\APP32073\src\CompaqPresario_Spring06.exe WiseSFXDropper: infected - 2 skipped
D:\I386\Apps\APP32073\src\HPPavillion_Spring06.exe/WISE0015.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
D:\I386\Apps\APP32073\src\HPPavillion_Spring06.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.WeatherBug.a skipped
D:\I386\Apps\APP32073\src\HPPavillion_Spring06.exe WiseSFX: infected - 2 skipped
D:\I386\Apps\APP32073\src\HPPavillion_Spring06.exe WiseSFXDropper: infected - 2 skipped
D:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP34\change.log Object is locked skipped

Scan process completed.

I really need help. :(

richardt
2007-12-16, 19:58
Requesting to get this thread closed. Don't know whether the "helpers" are too busy, or inactive.

Thank you.

pskelley
2007-12-16, 20:05
Topic closed at the request of this member.

tashi
2007-12-16, 22:47
Re-opened to make inquiry.


Requesting to get this thread closed. Don't know whether the "helpers" are too busy, or inactive.

Thank you.

I am somewhat puzzled. Last topic resolved:2007-12-05 http://forums.spybot.info/showthread.php?p=142129#post142129

Apprantly this is the same machine. Also, I see this thread was started only yesterday, did you miss this: The Waiting Room: Post here if waiting for help longer than four days (http://forums.spybot.info/forumdisplay.php?f=37)


Copy and paste that information into your next post if the AV content will fit into one post only.
If the results of the anti virus scan itself will take more than one post to contain, it is best not to post it. Just make a note for our volunteers so they are aware, as it would be best to start off with no more than two posts (total) in your topic before a helper responds.

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Regards.