Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: ctv*****.exe criptograhed malware. Need Help Pls!

  1. #11
    Junior Member Damn_VCT-exe's Avatar
    Join Date
    Oct 2009
    Location
    Lisbon, PT
    Posts
    11

    Exclamation Kasperskyn Online Scanner log ready

    KASPERSKY ONLINE SCANNER 7.0: scan report
    Monday, October 26, 2009
    Operating system: Microsoft Windows XP Professional Service Pack 3, v.5857 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Sunday, October 25, 2009 21:14:38
    Records in database: 3073285
    Scan settings
    scan using the following database extended
    Scan archives yes
    Scan e-mail databases yes
    Scan area My Computer
    A:\
    C:\
    D:\
    G:\
    H:\
    Scan statistics
    Objects scanned 81203
    Threats found 5
    Infected objects found 251
    Suspicious objects found 0
    Scan duration 19:49:51

    File name Threat Threats count
    C:\WINDOWS\system32\ALCXMNTR.EXE/C:\WINDOWS\system32\ALCXMNTR.EXE Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe/C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\alcxmntr .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Documents and Settings\BFERRY_PT\alcxmntr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv1205.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv2127.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv279.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3054.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3975.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv4900.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv5835.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv6762.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Program Files\Adobe\acrotray .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Program Files\PowerISO\pwrisovm.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\Documents and Settings\BFERRY_PT\alcxmntr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\alcxmntr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\l3fmoetsvvsr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\oodtray .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\taskswitch .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\[4]-Submit_2009-10-25_20.16.20.zip Infected: Trojan-Downloader.Win32.Small.anvz 3
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002374.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002375.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002376.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003400.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003402.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003403.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003488.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004449.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004451.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004452.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005449.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005451.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005452.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005762.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005764.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005765.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007779.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007781.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007782.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007783.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007793.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007795.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007796.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009810.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009811.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009812.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012387.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012390.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012876.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012877.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012878.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014944.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014946.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014948.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015472.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015473.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015474.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015843.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015844.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015846.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015973.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015975.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015976.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015998.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0016000.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0016001.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017009.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017011.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017012.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017244.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017245.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017246.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018389.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018391.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018423.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018424.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018425.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018466.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018467.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018469.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019461.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019463.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019464.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019926.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019928.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019929.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020346.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020347.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020348.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020475.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020477.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020478.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020555.dll Infected: Trojan.Win32.Monder.gen 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020586.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020587.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020589.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020677.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020679.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020680.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020751.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020752.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020754.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020776.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020777.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020831.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020832.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020859.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020860.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020861.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020886.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020888.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020889.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020983.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020984.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020985.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020986.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020987.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020988.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020989.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020990.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020991.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020992.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020993.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020994.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020995.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020996.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020997.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020998.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020999.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021000.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021001.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021002.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021003.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021004.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021005.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021006.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021007.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021008.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021009.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021010.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021011.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021012.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021013.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021014.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021015.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021016.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021017.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021018.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021019.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021020.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021021.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021022.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021023.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021024.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021025.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021026.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021027.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021028.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021029.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021030.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021033.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021035.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021036.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021037.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021056.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021059.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021060.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021349.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021350.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021351.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021361.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021363.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021364.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021393.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021404.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021406.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021407.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021423.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021425.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021426.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021640.exe Infected: Trojan-Spy.Win32.FlyStudio.dvw 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021656.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021657.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021658.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021736.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021737.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021739.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021980.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021982.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021983.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022135.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022136.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022137.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022403.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022406.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022407.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022558.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022560.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022561.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\7SP_Files\LS Patch\LS Patch.exe Infected: not-a-virus:RiskTool.Win32.CloseApp.e 1
    C:\WINDOWS\system32\alcxmntr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\ctfmon.exe.tmp Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe112 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe70 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe113 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe119 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe133 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe161 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe163 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe187 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe189 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe204 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe2135 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe239 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe356 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe64 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe690 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe79 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe111 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe117 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe131 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe144 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe145 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe159 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe160 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe162 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe186 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe187 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe202 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe2133 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe238 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe243 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe354 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe63 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe78 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe780 Infected: Trojan-Downloader.Win32.Small.anvz 1
    Selected area has been scanned.


    Quote Originally Posted by Blade81 View Post
    Thanks for the results. Shall see for further steps after those other things are done
    Damn_VCT

  2. #12
    Junior Member Damn_VCT-exe's Avatar
    Join Date
    Oct 2009
    Location
    Lisbon, PT
    Posts
    11

    Exclamation DDS txt log ready

    NOTE : Although I have removed ( Revo's utility tool) previous AVira AntiVir Desktop from the system it seems Combofix detects it. I've already checked services.msc and it appears as disabled. So I don't know why Combofix stilll detects it ...


    Quote Originally Posted by Damn_VCT-exe View Post
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Monday, October 26, 2009
    Operating system: Microsoft Windows XP Professional Service Pack 3, v.5857 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Sunday, October 25, 2009 21:14:38
    Records in database: 3073285
    Scan settings
    scan using the following database extended
    Scan archives yes
    Scan e-mail databases yes
    Scan area My Computer
    A:\
    C:\
    D:\
    G:\
    H:\
    Scan statistics
    Objects scanned 81203
    Threats found 5
    Infected objects found 251
    Suspicious objects found 0
    Scan duration 19:49:51

    File name Threat Threats count
    C:\WINDOWS\system32\ALCXMNTR.EXE/C:\WINDOWS\system32\ALCXMNTR.EXE Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe/C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\alcxmntr .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Documents and Settings\BFERRY_PT\alcxmntr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv1205.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv2127.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv279.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3054.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3975.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv4900.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv5835.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv6762.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\Program Files\Adobe\acrotray .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Program Files\PowerISO\pwrisovm.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\Documents and Settings\BFERRY_PT\alcxmntr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\alcxmntr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\l3fmoetsvvsr .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\oodtray .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\C\WINDOWS\system32\taskswitch .exe.vir Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\Qoobox\Quarantine\[4]-Submit_2009-10-25_20.16.20.zip Infected: Trojan-Downloader.Win32.Small.anvz 3
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002374.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002375.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP43\A0002376.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003400.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003402.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003403.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0003488.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004449.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004451.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP44\A0004452.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005449.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005451.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP45\A0005452.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005762.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005764.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0005765.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007779.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007781.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007782.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007783.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007793.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007795.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0007796.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009810.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009811.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0009812.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012387.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012390.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP46\A0012392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012876.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012877.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP47\A0012878.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014944.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014946.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0014948.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015472.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015473.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015474.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015843.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015844.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP48\A0015846.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015973.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015975.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015976.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0015998.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0016000.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP50\A0016001.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017009.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017011.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP51\A0017012.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017244.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017245.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP53\A0017246.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018389.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018391.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP56\A0018392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018423.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018424.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018425.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018466.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018467.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP57\A0018469.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019461.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019463.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP61\A0019464.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019926.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019928.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP62\A0019929.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020346.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020347.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP65\A0020348.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020475.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020477.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020478.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020555.dll Infected: Trojan.Win32.Monder.gen 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020586.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020587.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP66\A0020589.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020677.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020679.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP69\A0020680.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020751.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020752.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020754.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020776.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020777.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020831.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020832.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020859.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020860.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020861.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020886.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020888.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020889.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020983.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020984.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020985.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020986.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020987.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020988.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020989.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020990.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020991.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020992.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020993.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020994.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020995.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020996.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020997.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020998.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0020999.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021000.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021001.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021002.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021003.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021004.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021005.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021006.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021007.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021008.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021009.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021010.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021011.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021012.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021013.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021014.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021015.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021016.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021017.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021018.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021019.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021020.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021021.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021022.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021023.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021024.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021025.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021026.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021027.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021028.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021029.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021030.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021033.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021035.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021036.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021037.exe Infected: Trojan.Win32.Vilsel.ijq 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021056.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021059.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP70\A0021060.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021349.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021350.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021351.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021361.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021363.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021364.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021392.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021393.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021404.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021406.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021407.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021423.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021425.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP72\A0021426.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021640.exe Infected: Trojan-Spy.Win32.FlyStudio.dvw 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021656.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021657.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021658.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021736.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021737.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP74\A0021739.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021980.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021982.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP78\A0021983.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022135.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022136.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022137.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022403.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022406.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022407.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022558.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022560.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\System Volume Information\_restore{BD46C379-AAED-4DCE-A590-305C4B354DE2}\RP79\A0022561.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\7SP_Files\LS Patch\LS Patch.exe Infected: not-a-virus:RiskTool.Win32.CloseApp.e 1
    C:\WINDOWS\system32\alcxmntr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\ctfmon.exe.tmp Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe112 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\l3fmoetsvvsr.exe70 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe113 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe119 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe133 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe161 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe163 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe187 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe189 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe204 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe2135 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe239 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe356 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe64 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe690 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\oodtray.exe79 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch .exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe111 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe117 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe131 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe144 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe145 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe159 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe160 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe162 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe186 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe187 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe202 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe2133 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe238 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe243 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe354 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe63 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe78 Infected: Trojan-Downloader.Win32.Small.anvz 1
    C:\WINDOWS\system32\taskswitch.exe780 Infected: Trojan-Downloader.Win32.Small.anvz 1
    Selected area has been scanned.
    Damn_VCT

  3. #13
    Junior Member Damn_VCT-exe's Avatar
    Join Date
    Oct 2009
    Location
    Lisbon, PT
    Posts
    11

    Exclamation DDS txt log ready

    see DDS txt log attached, pls

    Quote Originally Posted by Damn_VCT-exe View Post
    NOTE : Although I have removed ( Revo's utility tool) previous AVira AntiVir Desktop from the system it seems Combofix detects it. I've already checked services.msc and it appears as disabled. So I don't know why Combofix stilll detects it ...
    Damn_VCT

  4. #14
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Do you have ComboFix log there to post too?
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  5. #15
    Junior Member Damn_VCT-exe's Avatar
    Join Date
    Oct 2009
    Location
    Lisbon, PT
    Posts
    11

    Exclamation ComboFix log file ready

    ComboFix log file attached for analisys
    IE popups and related iexplorer.exe processes still remain, neverless don't open it and use Firefox browser or Opera one ...
    Thanks for your kind help

    Quote Originally Posted by Blade81 View Post
    Hi,

    Do you have ComboFix log there to post too?
    Damn_VCT

  6. #16
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi again,


    Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:
    • Run Spybot-S&D in Advanced Mode
    • If it is not already set to do this, go to the Mode menu
      select
      Advanced Mode
    • On the left hand side, click on Tools
    • Then click on the Resident icon in the list
    • Uncheck
      Resident TeaTimer
      and OK any prompts.
    • Restart your computer



    Open notepad and copy/paste the text in the quotebox below into it:

    Code:
    http://forums.spybot.info/showthread.php?t=52724
    Collect::
    C:\WINDOWS\system32\ALCXMNTR.EXE
    C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe
    c:\windows\system32\oodtray.exe
    c:\windows\system32\taskswitch.exe
    C:\Documents and Settings\BFERRY_PT\alcxmntr .exe
    C:\Documents and Settings\BFERRY_PT\alcxmntr.exe
    C:\Program Files\Adobe\acrotray .exe
    C:\Program Files\PowerISO\pwrisovm.exe
    C:\WINDOWS\system32\alcxmntr.exe
    C:\WINDOWS\system32\ctfmon.exe.tmp
    C:\WINDOWS\system32\oodtray .exe
    C:\WINDOWS\system32\oodtray.exe
    C:\WINDOWS\system32\taskswitch .exe
    C:\WINDOWS\system32\taskswitch.exe
    File::
    C:\WINDOWS\system32\l3fmoetsvvsr.exe
    C:\WINDOWS\system32\l3fmoetsvvsr.exe112
    C:\WINDOWS\system32\l3fmoetsvvsr.exe70
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv1205.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv2127.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv279.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3054.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3975.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv4900.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv5835.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv6762.exe
    C:\WINDOWS\system32\oodtray.exe113
    C:\WINDOWS\system32\oodtray.exe119
    C:\WINDOWS\system32\oodtray.exe133
    C:\WINDOWS\system32\oodtray.exe161
    C:\WINDOWS\system32\oodtray.exe163
    C:\WINDOWS\system32\oodtray.exe187
    C:\WINDOWS\system32\oodtray.exe189
    C:\WINDOWS\system32\oodtray.exe204
    C:\WINDOWS\system32\oodtray.exe2135
    C:\WINDOWS\system32\oodtray.exe239
    C:\WINDOWS\system32\oodtray.exe356
    C:\WINDOWS\system32\oodtray.exe64
    C:\WINDOWS\system32\oodtray.exe690
    C:\WINDOWS\system32\oodtray.exe79
    C:\WINDOWS\system32\taskswitch.exe111
    C:\WINDOWS\system32\taskswitch.exe117
    C:\WINDOWS\system32\taskswitch.exe131
    C:\WINDOWS\system32\taskswitch.exe144
    C:\WINDOWS\system32\taskswitch.exe145
    C:\WINDOWS\system32\taskswitch.exe159
    C:\WINDOWS\system32\taskswitch.exe160
    C:\WINDOWS\system32\taskswitch.exe162
    C:\WINDOWS\system32\taskswitch.exe186
    C:\WINDOWS\system32\taskswitch.exe187
    C:\WINDOWS\system32\taskswitch.exe202
    C:\WINDOWS\system32\taskswitch.exe2133
    C:\WINDOWS\system32\taskswitch.exe238
    C:\WINDOWS\system32\taskswitch.exe243
    C:\WINDOWS\system32\taskswitch.exe354
    C:\WINDOWS\system32\taskswitch.exe63
    C:\WINDOWS\system32\taskswitch.exe78
    C:\WINDOWS\system32\taskswitch.exe780
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AlcxMonitor"=-
    Regnull::
    [HKEY_USERS\S-1-5-21-1757981266-838170752-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C94E95CB-8326-FAAC-F478-2139F7C67C48}*]

    Save this as
    CFScript

    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.



    Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe. Have internet connection open so that samples can be submitted.
    Then post the resultant log. Re-run Kaspersky online scanner and attach its report & fresh dds log to your post too.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  7. #17
    Junior Member Damn_VCT-exe's Avatar
    Join Date
    Oct 2009
    Location
    Lisbon, PT
    Posts
    11

    Exclamation

    Hi again
    Followed the steps you mentioned
    Combofix log follows in attachment.

    Quote Originally Posted by Blade81 View Post
    Hi again,


    Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:
    • Run Spybot-S&D in Advanced Mode
    • If it is not already set to do this, go to the Mode menu
      select
      Advanced Mode
    • On the left hand side, click on Tools
    • Then click on the Resident icon in the list
    • Uncheck
      Resident TeaTimer
      and OK any prompts.
    • Restart your computer



    Open notepad and copy/paste the text in the quotebox below into it:

    Code:
    http://forums.spybot.info/showthread.php?t=52724
    Collect::
    C:\WINDOWS\system32\ALCXMNTR.EXE
    C:\DOCUME~1\BFERRY~1\LOCALS~1\Temp\ctv5835.exe
    c:\windows\system32\oodtray.exe
    c:\windows\system32\taskswitch.exe
    C:\Documents and Settings\BFERRY_PT\alcxmntr .exe
    C:\Documents and Settings\BFERRY_PT\alcxmntr.exe
    C:\Program Files\Adobe\acrotray .exe
    C:\Program Files\PowerISO\pwrisovm.exe
    C:\WINDOWS\system32\alcxmntr.exe
    C:\WINDOWS\system32\ctfmon.exe.tmp
    C:\WINDOWS\system32\oodtray .exe
    C:\WINDOWS\system32\oodtray.exe
    C:\WINDOWS\system32\taskswitch .exe
    C:\WINDOWS\system32\taskswitch.exe
    File::
    C:\WINDOWS\system32\l3fmoetsvvsr.exe
    C:\WINDOWS\system32\l3fmoetsvvsr.exe112
    C:\WINDOWS\system32\l3fmoetsvvsr.exe70
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv1205.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv2127.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv279.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3054.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv3975.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv4900.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv5835.exe
    C:\Documents and Settings\BFERRY_PT\Local Settings\temp\ctv6762.exe
    C:\WINDOWS\system32\oodtray.exe113
    C:\WINDOWS\system32\oodtray.exe119
    C:\WINDOWS\system32\oodtray.exe133
    C:\WINDOWS\system32\oodtray.exe161
    C:\WINDOWS\system32\oodtray.exe163
    C:\WINDOWS\system32\oodtray.exe187
    C:\WINDOWS\system32\oodtray.exe189
    C:\WINDOWS\system32\oodtray.exe204
    C:\WINDOWS\system32\oodtray.exe2135
    C:\WINDOWS\system32\oodtray.exe239
    C:\WINDOWS\system32\oodtray.exe356
    C:\WINDOWS\system32\oodtray.exe64
    C:\WINDOWS\system32\oodtray.exe690
    C:\WINDOWS\system32\oodtray.exe79
    C:\WINDOWS\system32\taskswitch.exe111
    C:\WINDOWS\system32\taskswitch.exe117
    C:\WINDOWS\system32\taskswitch.exe131
    C:\WINDOWS\system32\taskswitch.exe144
    C:\WINDOWS\system32\taskswitch.exe145
    C:\WINDOWS\system32\taskswitch.exe159
    C:\WINDOWS\system32\taskswitch.exe160
    C:\WINDOWS\system32\taskswitch.exe162
    C:\WINDOWS\system32\taskswitch.exe186
    C:\WINDOWS\system32\taskswitch.exe187
    C:\WINDOWS\system32\taskswitch.exe202
    C:\WINDOWS\system32\taskswitch.exe2133
    C:\WINDOWS\system32\taskswitch.exe238
    C:\WINDOWS\system32\taskswitch.exe243
    C:\WINDOWS\system32\taskswitch.exe354
    C:\WINDOWS\system32\taskswitch.exe63
    C:\WINDOWS\system32\taskswitch.exe78
    C:\WINDOWS\system32\taskswitch.exe780
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AlcxMonitor"=-
    Regnull::
    [HKEY_USERS\S-1-5-21-1757981266-838170752-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C94E95CB-8326-FAAC-F478-2139F7C67C48}*]

    Save this as
    CFScript

    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.



    Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe. Have internet connection open so that samples can be submitted.
    Then post the resultant log. Re-run Kaspersky online scanner and attach its report & fresh dds log to your post too.
    Damn_VCT

  8. #18
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Shall get back to this when those other requested reports are ready
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  9. #19
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    What's the status with this?
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  10. #20
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Due to inactivity, this thread will now be closed.

    Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

    If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •