please help virtumonde and win 32

Shaba · Jan 29, 2008

Hi

First we'll need to backup registry:

Start -> Run -> regedit -> ok. Then File -> Export. Give it a name and press Save.

Save text below as fix.reg on Notepad (save it as all files (*.*)) on Desktop

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

It should look like this ->

Doubleclick fix.reg, press Yes and ok.

(In case you are unsure how to create a reg file, take a look here with screenshots.)

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: (no name) - {4F78FCB9-5E5E-47A3-8E69-5A5E97739DBD} - C:\windows\system32\jkkjj.dll (file missing)
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\windows\system32\windows (file missing)

Close all windows including browser and press fix checked.

Reboot.

Re-run combofix.

Post:

- a fresh HijackThis log
- combofix report

yeager · Jan 30, 2008

hijack log and first part of combo fix

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:58:57 PM, on 1/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\ehome\ehSched.exe
C:\windows\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\windows\ALCXMNTR.EXE
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\windows\system32\wuauclt.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\YEAGER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [WHITNEY_S2P] C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj .exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office Outlook 2003.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1106804790593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160972100265
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lowrance.com/Downloads/Updates/MapCreate/MapCreate620/isetup.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://aciweb.webex.com/client/v_mywebex/training/ieatgpc.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\windows\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\windows\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Microsoft cache control (MSControlService) - Unknown owner - C:\windows\system32\windows (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 12548 bytes

ComboFix 08-01-28.2 - CHRIS 2008-01-29 18:00:26.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.162 [GMT -6:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-30 )))))))))))))))))))))))))))))))
.

2008-01-25 10:53 . 2008-01-25 10:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-24 16:42 . 2008-01-24 16:42 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-24 16:42 . 2008-01-24 16:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-24 02:49 . 2008-01-29 17:54 5,029,920 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-24 02:49 . 2008-01-29 17:54 33,536 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-24 02:43 . 2008-01-24 02:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-01-24 02:43 . 2007-11-14 16:05 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-01-24 02:16 . 2008-01-24 02:16 338,432 --a------ C:\WINDOWS\system32\RCXE9F.tmp
2008-01-22 18:24 . 2008-01-28 09:06 182 --a------ C:\WINDOWS\system\hpsysdrv .DAT
2008-01-22 18:02 . 2008-01-22 18:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-01-22 18:01 . 2008-01-22 18:01 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-22 17:34 . 2008-01-28 22:06 <DIR> d-------- C:\Program Files\Dot1XCfg
2008-01-22 15:01 . 1999-10-22 01:11 52,736 --a------ C:\WINDOWS\system32\Pdfshell.dll
2008-01-22 15:01 . 1999-10-22 11:00 16,896 --a------ C:\WINDOWS\system32\PdfPorts.dll
2008-01-19 11:52 . 2008-01-19 11:52 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\GARMIN
2008-01-19 11:21 . 2004-11-30 12:28 86,094 --a------ C:\WINDOWS\system32\ImageDrive.cpl
2008-01-19 09:02 . 2008-01-28 22:06 <DIR> d-------- C:\Program Files\iTunes
2008-01-19 08:59 . 2008-01-28 22:06 <DIR> d-------- C:\Program Files\QuickTime
2008-01-16 16:27 . 2008-01-19 09:08 <DIR> d-------- C:\Program Files\AllToAVI
2008-01-12 13:26 . 2008-01-12 13:26 <DIR> d-------- C:\Program Files\MagicISO
2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-10 15:05 . 2008-01-10 15:05 <DIR> d-------- C:\Program Files\Apex Software
2008-01-10 14:26 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-10 13:37 . 2008-01-10 13:43 <DIR> d-------- C:\Program Files\Common Files\ACI
2008-01-08 11:49 . 2008-01-08 13:04 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-01-08 11:48 . 2008-01-08 13:04 <DIR> d-------- C:\Program Files\AutoGK
2008-01-07 19:16 . 2008-01-07 19:16 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-01-07 13:39 . 2008-01-07 13:39 <DIR> d-------- C:\Program Files\Xvid
2008-01-07 13:39 . 2008-01-07 13:39 <DIR> d-------- C:\Program Files\Gabest
2008-01-07 13:38 . 2008-01-07 13:38 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-01-07 13:38 . 2008-01-15 19:22 <DIR> d-------- C:\Program Files\AVI ReComp
2008-01-04 15:59 . 2008-01-04 15:59 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-01-04 15:59 . 2008-01-04 15:59 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-01-04 15:58 . 2008-01-04 15:58 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 15:58 . 2008-01-04 15:58 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-01-04 15:58 . 2008-01-04 15:58 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-01-04 15:56 . 2008-01-04 15:56 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 15:56 . 2008-01-04 15:56 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-28 12:31 . 2007-12-28 12:31 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Yahoo!
2007-12-19 16:48 . 2007-12-19 16:48 <DIR> d-------- C:\Documents and Settings\Administrator\logitech
2007-12-19 16:48 . 2007-12-28 12:21 <DIR> d-------- C:\Documents and Settings\Administrator\browser - logitech
2007-12-19 16:47 . 2007-12-19 16:47 <DIR> d-------- C:\Program Files\Common Files\Remote Control USB Driver
2007-12-19 16:47 . 2007-12-19 16:48 <DIR> d-------- C:\Program Files\Common Files\Remote Control Software Common
2007-12-19 16:46 . 2007-12-19 16:47 <DIR> d-------- C:\Program Files\Logitech
2007-12-19 16:46 . 2007-12-19 16:46 127,034 -r------- C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-12-19 16:45 . 2007-12-19 16:45 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InstallShield
2007-12-17 14:59 . 2007-12-28 12:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-12-17 14:59 . 2004-10-25 15:18 131,072 --a------ C:\WINDOWS\system32\ypclsp.dll
2007-12-17 14:59 . 2003-05-19 16:07 86,016 --a------ C:\WINDOWS\system32\YPcservice.exe
2007-12-06 15:02 . 2008-01-25 11:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-06 15:02 . 2007-12-06 15:02 1,409 --a------ C:\WINDOWS\QTFont.for

yeager · Jan 30, 2008

2nd part of combofix

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 17:27 --------- d-----w C:\Program Files\The Redlink for Oklahoma
2008-01-29 17:24 73,216 ----a-w C:\windows\ST6UNST.EXE
2008-01-29 17:24 286,720 ------w C:\windows\Setup1.exe
2008-01-29 04:06 --------- d-----w C:\Program Files\USB Storage RW
2008-01-29 04:06 --------- d-----w C:\Program Files\PowerISO
2008-01-29 04:06 --------- d-----w C:\Program Files\Multimedia Card Reader
2008-01-29 04:06 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-01-29 04:06 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-01-25 17:18 15,360 ----a-w C:\windows\system32\dllcache\ctfmon.exe
2008-01-25 17:18 15,360 ----a-w C:\windows\system32\ctfmon.exe
2008-01-25 17:17 50,176 ----a-w C:\windows\system32\dllcache\ehtray.exe
2008-01-25 17:14 109,056 ----a-w C:\windows\Internet Logs\xDB2.tmp
2008-01-25 17:14 1,403,392 ----a-w C:\windows\Internet Logs\xDB3.tmp
2008-01-25 02:15 251,392 ----a-w C:\windows\Internet Logs\xDB1.tmp
2008-01-23 00:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-22 20:10 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ACI
2008-01-19 15:02 --------- d-----w C:\Program Files\iPod
2008-01-17 15:18 --------- d-----w C:\Program Files\DivX
2008-01-10 20:26 --------- d-----w C:\Program Files\Java
2008-01-10 19:37 --------- d-----r C:\Program Files\ACI32
2008-01-07 05:57 --------- d-----w C:\Program Files\dvdSanta
2008-01-04 21:57 823,296 ----a-w C:\windows\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\windows\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\windows\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\windows\system32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\windows\system32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\windows\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\windows\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\windows\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\windows\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\windows\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\windows\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\windows\system32\dtu100.dll
2007-12-30 23:12 --------- d-----w C:\Documents and Settings\Administrator\Application Data\U3
2007-12-30 22:51 --------- d-----w C:\Program Files\Picasa2
2007-12-28 19:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-19 22:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-17 20:59 --------- d-----w C:\Program Files\Yahoo!
2007-11-29 22:30 43,528 ----a-w C:\windows\system32\drivers\pxhelp20.sys
2007-11-29 22:30 129,784 ----a-w C:\windows\system32\pxafs.dll
2007-11-29 22:30 120,056 ----a-w C:\windows\system32\pxcpyi64.exe
2007-11-29 22:30 118,520 ----a-w C:\windows\system32\pxinsi64.exe
2007-11-14 22:05 1,086,952 ----a-w C:\windows\system32\zpeng24.dll
2007-11-07 09:26 721,920 ----a-w C:\windows\system32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\windows\system32\dllcache\lsasrv.dll
2007-10-30 23:42 3,590,656 ----a-w C:\windows\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ----a-w C:\windows\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,287,680 ----a-w C:\windows\system32\quartz.dll
2007-10-29 22:43 1,287,680 ----a-w C:\windows\system32\dllcache\quartz.dll
2007-10-27 23:40 227,328 ----a-w C:\windows\system32\wmasf.dll
2007-10-27 23:40 227,328 ----a-w C:\windows\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\windows\system32\dllcache\shell32.dll
2007-10-10 23:56 824,832 ----a-w C:\windows\system32\wininet.dll
2007-10-10 23:56 824,832 ----a-w C:\windows\system32\dllcache\wininet.dll
2007-10-10 23:56 232,960 ----a-w C:\windows\system32\dllcache\webcheck.dll
2007-10-10 23:56 1,159,680 ----a-w C:\windows\system32\dllcache\urlmon.dll
2007-10-10 23:55 671,232 ----a-w C:\windows\system32\dllcache\mstime.dll
2007-10-10 23:55 63,488 ----a-w C:\windows\system32\dllcache\icardie.dll
2007-10-10 23:55 6,065,664 ----a-w C:\windows\system32\dllcache\ieframe.dll
2007-10-10 23:55 52,224 ----a-w C:\windows\system32\dllcache\msfeedsbs.dll
2007-10-10 23:55 478,208 ----a-w C:\windows\system32\dllcache\mshtmled.dll
2007-10-10 23:55 459,264 ----a-w C:\windows\system32\dllcache\msfeeds.dll
2007-10-10 23:55 44,544 ----a-w C:\windows\system32\dllcache\iernonce.dll
2007-10-10 23:55 384,512 ----a-w C:\windows\system32\dllcache\iedkcs32.dll
2007-10-10 23:55 383,488 ----a-w C:\windows\system32\dllcache\ieapfltr.dll
2007-10-10 23:55 27,648 ----a-w C:\windows\system32\dllcache\jsproxy.dll
2007-10-10 23:55 267,776 ----a-w C:\windows\system32\dllcache\iertutil.dll
2007-10-10 23:55 230,400 ----a-w C:\windows\system32\dllcache\ieaksie.dll
2007-10-10 23:55 214,528 ----a-w C:\windows\system32\dllcache\dxtrans.dll
2007-10-10 23:55 193,024 ----a-w C:\windows\system32\dllcache\msrating.dll
2007-10-10 23:55 153,088 ----a-w C:\windows\system32\dllcache\ieakeng.dll
2007-10-10 23:55 132,608 ----a-w C:\windows\system32\dllcache\extmgr.dll
2007-10-10 23:55 124,928 ----a-w C:\windows\system32\dllcache\advpack.dll
2007-10-10 23:55 105,984 ----a-w C:\windows\system32\dllcache\url.dll
2007-10-10 23:55 102,400 ----a-w C:\windows\system32\dllcache\occache.dll
2007-10-10 10:59 70,656 ----a-w C:\windows\system32\dllcache\ie4uinit.exe
2007-10-10 10:59 625,152 ----a-w C:\windows\system32\dllcache\iexplore.exe
2007-10-10 10:59 13,824 ----a-w C:\windows\system32\dllcache\ieudinit.exe
2007-10-10 05:46 161,792 ----a-w C:\windows\system32\dllcache\ieakui.dll
2007-05-24 22:46 176 ----a-w C:\Documents and Settings\Administrator\NERO OVERBURN.REG
2007-02-15 22:55 114,888 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_02_15_13_29_42_small.dmp.zip
2007-02-13 19:28 19,380,007 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_02_13_13_09_49_full.dmp.zip
2007-02-06 01:10 113,763 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_02_02_01_46_50_small.dmp.zip
2007-01-30 14:53 113,479 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_01_29_17_41_02_small.dmp.zip
2007-01-29 15:58 108,378 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_01_28_18_41_08_small.dmp.zip
2007-01-11 05:29 116,197 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_01_10_15_28_36_small.dmp.zip
2007-01-10 16:30 112,859 ----a-w C:\windows\Internet Logs\vsmon_2nd_2007_01_10_01_47_22_small.dmp.zip
2005-12-23 14:15 107,114 ----a-w C:\windows\Internet Logs\vsmon_2nd_2005_12_22_19_11_06_small.dmp.zip
2005-12-20 03:27 114,117 ----a-w C:\windows\Internet Logs\vsmon_2nd_2005_12_19_21_12_41_small.dmp.zip
2005-12-19 01:36 48,211 ----a-w C:\windows\Internet Logs\zlclient_2nd_2005_12_18_19_34_09_small.dmp.zip
2005-03-07 23:12 13,824 ----a-w C:\Documents and Settings\Administrator\atwbxdet.dll
2001-01-11 13:20 61,888 ----a-w C:\windows\inf\WIN2000\KTC111.SYS
2002-08-29 12:00 94,784 --sha-w C:\windows\twain.dll
2004-08-04 07:56 50,688 --sha-w C:\windows\twain_32.dll
2004-05-17 17:11 0 --sha-w C:\windows\SMINST\HPCD.sys
2005-12-20 10:07 8 --sha-r C:\windows\system32\fgxp8.dll
2004-08-04 07:56 1,028,096 --sha-w C:\windows\system32\mfc42.dll
2004-08-04 07:56 54,784 --sha-w C:\windows\system32\msvcirt.dll
2004-08-04 07:56 413,696 --sha-w C:\windows\system32\msvcp60.dll
2004-08-04 07:56 343,040 --sha-w C:\windows\system32\msvcrt.dll
2007-05-17 11:28 549,376 --sha-w C:\windows\system32\oleaut32.dll
2004-08-04 07:56 83,456 --sha-w C:\windows\system32\olepro32.dll
2004-08-04 07:56 11,776 --sha-w C:\windows\system32\regsvr32.exe
.

Code:

<pre>
----a-w           919,016 2008-01-25 17:18:37  C:\_OTMoveIt\MovedFiles\[u]0[/u]1292008_114705\Program Files\Zone Labs\ZoneAlarm\zlclient .exe
----a-w           155,648 2008-01-25 17:17:47  C:\_OTMoveIt\MovedFiles\[u]0[/u]1292008_114705\WINDOWS\system32\NeroCheck .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\windows\system32\ctfmon.exe" [2008-01-25 11:18 15360]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\nbj .exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"Sonic RecordNow! Deluxe"="" []
"Dot1XCfg"="C:\Program Files\Dot1XCfg\Dot1XCfg.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [ ]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [ ]
"KBD"="C:\HP\KBD\KBD.EXE" [ ]
"IPInSightMonitor 01"="C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe" [ ]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2008-01-25 11:17 50176]
"Sunkist2k"="C:\Program Files\Multimedia Card Reader\shwicon2k.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"KYE_Showicon"="C:\Program Files\USB Storage RW\shwicon.exe" [ ]
"StorageGuard"="C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" [ ]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [ ]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [ ]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [ ]
"WHITNEY_S2P"="C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe" [ ]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [ ]
"CamMonitor"="c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe" [ ]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 13:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"NvCplDaemon"="C:\windows\system32\NvCpl.dll" [2004-02-23 15:43 3026944]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2005-04-25 12:45 36040]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-27 19:17 443968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe [2004-11-29 19:55:44 569405]
Digimax Viewer 2.1.lnk - C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe [2005-12-19 21:38:03 634880]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-12-19 16:46:46 67128]
Microsoft Office Outlook 2003.lnk - C:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe [2007-05-01 09:17:58 794624]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=C:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
--a------ 2004-08-22 17:05 81920 C:\Program Files\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 9.0]
--a------ 2004-11-22 17:20 1126400 C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-02-23 15:43 753664 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-17 18:42 69632 c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-06-19 11:09 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2006-11-03 18:20 866584 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"navapsvc"=2 (0x2)

R0 PQV2i;PQV2i;C:\windows\system32\drivers\PQV2i.sys [2004-11-22 16:51]
R1 PQIMount;PQIMount;C:\windows\system32\drivers\PQIMount.sys [2004-11-22 17:08]
R2 lowpp;Lowrance MMC Parallel Port Driver;C:\windows\system32\Drivers\lowpp.sys [2000-11-14 09:30]
R3 hcwPVRP2;Hauppauge WinTV PVR PCI II (Encoder);C:\windows\system32\DRIVERS\hcwPVRP2.sys [2003-12-02 16:23]
S3 MSControlService;Microsoft cache control;C:\windows\system32\windows []
S3 PCDRDRV;Pcdr Helper Driver;C:\PROGRA~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys []
S3 StMp3Rec;Player Recovery Device Control Driver;C:\windows\system32\Drivers\StMp3Rec.sys [2006-05-16 14:22]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d57e89-9a7e-11db-bba9-000c6e4cb699}]
\Shell\AutoRun\command - N:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23d57e8a-9a7e-11db-bba9-000c6e4cb699}]
\Shell\AutoRun\command - O:\setupSNK.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-01-25 23:15:00 C:\windows\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe
"2008-01-26 05:04:07 C:\windows\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-04-04 14:38:46 C:\windows\Tasks\MP Scheduled Quick Scan.job"
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe%Scan -RestrictPrivileges -ScanType 1
"2008-01-29 23:58:11 C:\windows\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 18:05:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-29 18:07:58
ComboFix-quarantined-files.txt 2008-01-30 00:07:54
ComboFix2.txt 2008-01-29 16:10:20
ComboFix3.txt 2008-01-28 15:16:12
.
2008-01-24 22:40:08 --- E O F ---

Shaba · Jan 30, 2008

Hi

Please click Start > Run and type in: services.msc
Click OK
In the Services window find: Microsoft cache control (MSControlService)
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK

Now, go to Start > Run, and copy/paste the following into the Open box:
sc delete MSControlService
Click: OK

Reboot.

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings
In the scan settings make sure that the following are selected:

o Scan using the following Anti-Virus database:

+ Extended (If available otherwise Standard)

o Scan Options:

+ Scan Archives
+ Scan Mail Bases
Click OK
Now under select a target to scan select My Computer
The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button
Save the file to your desktop.
Copy and paste that information in your next post.

Note: This scanner will work with Internet Explorer Only!

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log
- kaspersky report

yeager · Jan 30, 2008

Hijack Report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:14:42 PM, on 1/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\ehome\ehSched.exe
C:\windows\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\windows\ALCXMNTR.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ACI32\Applications\Report32.exe
C:\Program Files\DeLorme\Street Atlas USA 2007\SA2007.exe
C:\Program Files\internet explorer\iexplore.exe
C:\PROGRA~1\MI1933~1\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\YEAGER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [WHITNEY_S2P] C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj .exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office Outlook 2003.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1106804790593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160972100265
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lowrance.com/Downloads/Updates/MapCreate/MapCreate620/isetup.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://aciweb.webex.com/client/v_mywebex/training/ieatgpc.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\windows\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\windows\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 12451 bytes

yeager · Jan 30, 2008

Kasper 1st part

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, January 30, 2008 3:13:37 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 30/01/2008
Kaspersky Anti-Virus database records: 538462
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
E:\
F:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\

Scan Statistics:
Total number of scanned objects: 177072
Number of viruses found: 26
Number of infected objects: 574
Number of suspicious objects: 34
Duration of the scan process: 03:32:04

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\rayiou.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008013020080131\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\INMEM000.REM Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\JET3364.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\JET7E08.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\JETA8D1.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\JETBA55.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\JETBB6E.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\REPORT\zoo206D.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\Report32\PDOXUSRS.LCK Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF4237.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF425B.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF6084.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12222006-135857.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy1.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy1.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy13.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy13.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy17.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy17.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy21.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy21.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy25.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy25.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy29.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy29.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy33.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy33.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy37.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy37.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy41.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy41.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy45.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy45.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy49.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy49.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy5.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy53.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy53.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy69.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy69.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy81.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy81.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy9.zip/msexreg.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy9.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy93.zip/trkgif.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eXactAdvertisingBargainsBuddy93.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ACI32\Databases\Common\PDOXUSRS.NET Object is locked skipped
C:\Program Files\ACI32\Reports\3629.aci Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Data\GAZ\POI_Extinfo.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Data\GAZ\XMAPGAZ.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\dmcRouter.log Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Find_SA2007\PostalCodes\ZipMBR.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Radio\Radio.ldb Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\L0000005.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\storydb.idx Object is locked skipped
C:\QooBox\Quarantine\C\hp\KBD\KBD.EXE.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Ahead\Nero BackItUp\nbj .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Common Files\omzu\omzum.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Dot1XCfg\Dot1XCfg.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\iTunes\iTunesHelper.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Java\jre1.6.0_03\bin\jusched.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Microsoft IntelliPoint\ipoint.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Microsoft IntelliType Pro\itype.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Multimedia Card Reader\shwicon2k.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\PowerISO\PWRISOVM.EXE.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\SBC Yahoo!\Connection Manager\IP Insight\IPMon32.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\Temporary\kernInst.exe.vir Infected: Trojan.Win32.Agent.edq skipped
C:\QooBox\Quarantine\C\Program Files\USB Storage RW\shwicon.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\Program Files\VERITAS Software\Update Manager\sgtray.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\PROGRA~1\COMMON~1\omzu\omzum .exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\PROGRA~1\Yahoo!\YOP\yop.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir Infected: Trojan-Downloader.Win32.Agent.hvj skipped
C:\QooBox\Quarantine\C\WINDOWS\mrofinu922.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\SMINST\RECGUARD.EXE.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system\hpsysdrv.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\awtqpnm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\carlgcgh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.eby skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cpfsjfpg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iifddbb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iqpqgany.exe.vir Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jkhfd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jkhfd.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jkhfg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jkhfg.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\koqijoke.exe.vir Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ljjgdec.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lsnngicm.exe.vir Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\NeroCheck.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\nkiauxoy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rbnxxhak.exe.vir Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tvubgttb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\windows.vir Infected: Trojan.Win32.Zapchast.dt skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xxyaxya.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\yayaxvt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\catchme2008-01-28_ 91015.54.zip/cpfsjfpg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\catchme2008-01-28_ 91015.54.zip/yayyaba.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\QooBox\Quarantine\catchme2008-01-28_ 91015.54.zip/zlclient.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\catchme2008-01-28_ 91015.54.zip ZIP: infected - 3 skipped

yeager · Jan 30, 2008

kasper 2nd

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0218468.dll Infected: not-a-virus:AdWare.Win32.PurityScan.gt skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219434.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219435.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219437.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219438.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219439.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219440.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219441.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219442.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219443.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219444.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219446.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219447.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219449.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219450.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219451.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219452.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219453.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219454.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219455.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219456.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219457.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219458.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219459.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219460.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219462.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219463.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219487.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219509.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219510.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219511.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219513.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219514.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219516.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219517.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219518.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219520.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219522.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219523.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219524.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219525.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219526.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219527.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219528.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219529.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219530.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219531.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219535.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219537.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219538.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219556.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219560.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219586.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219587.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219590.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219591.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219593.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219594.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219595.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219596.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219598.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219599.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219600.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219601.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219602.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219603.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219604.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219610.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219612.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219613.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219614.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219622.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219626.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219634.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219637.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220585.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220587.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220588.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220590.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220591.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220593.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220594.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220595.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220596.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220598.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220599.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220600.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220601.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220602.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220603.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220604.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220605.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220606.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220607.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220608.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220612.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220615.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220618.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220627.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220631.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220636.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220639.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped

yeager · Jan 30, 2008

kasper 3rd

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220662.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220664.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220665.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220669.exe Infected: Trojan-Downloader.Win32.TSUpdate.r skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220670.exe Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220671.exe Infected: Trojan-Downloader.Win32.Delf.dlk skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220672.exe Infected: not-a-virus:AdWare.Win32.Rond.d skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220673.exe Infected: Trojan-Downloader.Win32.Agent.cbx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220674.exe Infected: Trojan-Downloader.Win32.Agent.fjn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220680.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220697.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220699.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220703.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220704.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220708.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220709.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220710.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220711.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220712.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220713.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220715.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220716.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220718.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220719.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220720.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220721.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220722.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220724.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220725.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220726.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220727.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220728.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220729.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220730.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220731.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220732.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220733.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220736.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220737.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220738.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220739.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220740.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220741.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220745.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220746.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221776.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221777.exe Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221778.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221780.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221781.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221783.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221784.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221785.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221786.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221787.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221788.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221789.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221790.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221791.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221792.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221793.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221795.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221796.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221798.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221800.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped

yeager · Jan 30, 2008

kasper 4th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221823.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221835.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221837.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221838.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221839.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221840.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221841.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221843.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221847.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221849.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221850.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221851.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221852.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221854.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221855.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221858.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221859.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221862.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221863.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221864.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221866.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221869.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221871.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221873.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221883.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222816.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222817.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222818.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222821.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222824.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222825.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222828.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222829.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222831.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222832.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222833.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222836.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222840.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222854.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222857.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222858.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222866.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222869.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222879.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0223806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped

yeager · Jan 30, 2008

kasper 5th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0223816.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224812.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224817.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224818.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224819.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224823.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224824.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224825.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224826.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224828.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224829.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224831.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224832.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224833.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224835.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224840.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224845.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224858.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224860.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224861.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224881.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224959.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224960.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224961.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224962.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224963.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224964.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224965.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224967.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224968.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224969.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224970.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224971.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224972.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224974.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224975.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224976.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224977.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224978.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224979.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224982.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224983.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224984.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225004.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225005.exe Infected: Trojan-Downloader.Win32.Agent.hvj skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225006.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225007.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225008.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225009.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225010.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225011.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225012.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225013.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.eby skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225016.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225017.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225018.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225020.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225021.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225024.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225028.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225036.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225037.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225039.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225041.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225043.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225044.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225045.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225046.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225047.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225048.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225049.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225050.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

yeager · Jan 30, 2008

kasper 6th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225051.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225052.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225053.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225054.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225055.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225056.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225057.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225058.exe Infected: Trojan.Win32.Agent.edq skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225061.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225068.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225069.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225077.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225316.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225317.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225318.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225319.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225320.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225321.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225325.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225334.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225338.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225420.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\change.log Object is locked skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP910\A0209953.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

yeager · Jan 30, 2008

kasper 7th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP910\A0209953.exe RAR: infected - 1 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP996\A0216136.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP996\A0216158.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0216181.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217181.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217184.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217185.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217186.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217188.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217189.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217190.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217192.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217193.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217194.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217195.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217196.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217197.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217198.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217199.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217200.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217201.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217202.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217203.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217206.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217207.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217209.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217225.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217241.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217242.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217244.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217245.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217246.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217247.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217248.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217250.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217251.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217252.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217253.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217254.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217255.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217259.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217260.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217261.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217262.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217263.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217265.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217266.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217267.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217268.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217288.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217313.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217316.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217317.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217318.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217319.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217321.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217322.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217323.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217325.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217326.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217328.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217329.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217330.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217332.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217334.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217335.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217336.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217337.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218239.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218240.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218241.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218243.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218245.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218246.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218247.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218248.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218250.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218251.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218252.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218253.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218254.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218261.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218262.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218263.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218264.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218266.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218267.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218268.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218269.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218270.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218271.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218272.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218294.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218312.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218316.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218318.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218320.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218321.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218322.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218325.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218326.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218328.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218329.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218330.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218331.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218332.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218333.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218335.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218339.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218340.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218341.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218342.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218362.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218376.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218383.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218393.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218394.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218405.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218406.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218407.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218408.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218409.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218410.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218411.exe Infected: Trojan-Downloader.Win32.Agent.hcn skipped

yeager · Jan 30, 2008

kasper 8th and final

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218418.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218435.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218436.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218437.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218438.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218439.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218440.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218443.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218444.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218445.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218446.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218448.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218449.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218450.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218451.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218452.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218453.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218454.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218455.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218456.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218457.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218458.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218459.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218460.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\crypt32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hh.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhctrl.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\html32.cnv Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\itss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\locator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\mrxsmb.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\msconv97.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntkrnlpa.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\raspptp.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srv.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\zipfldr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\expsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexch40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjint40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjter40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msltus40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\eHome\ehtray.exe.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\systemprofile\My Documents\torrents\2003 Windows XP Pro or Office-XP keygen computes unique cd-keys.exe/data0003 Infected: Trojan-Downloader.Win32.IstBar.gen skipped
C:\WINDOWS\system32\config\systemprofile\My Documents\torrents\2003 Windows XP Pro or Office-XP keygen computes unique cd-keys.exe NSIS: infected - 1 skipped
C:\WINDOWS\system32\config\Windows_OneCare_Evt.evt Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\RCXE9F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00002.SHD Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00002.SPL Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\_OTMoveIt\MovedFiles\01292008_114705\WINDOWS\17PHolmes922.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\_OTMoveIt\MovedFiles\01292008_114705\WINDOWS\mrofinu922.exe.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\_OTMoveIt\MovedFiles\01292008_114705\WINDOWS\system32\cdkfjsdt.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\_OTMoveIt\MovedFiles\01292008_114705\WINDOWS\system32\RCX1627.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped

Scan process completed.

Shaba · Jan 31, 2008

Hi

Empty these folders:

C:\_OTMoveIt\MovedFiles
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery
C:\QooBox\Quarantine\

Delete these:

C:\WINDOWS\eHome\ehtray.exe.tmp
C:\WINDOWS\system32\RCXE9F.tmp
C:\WINDOWS\system32\config\systemprofile\My Documents\torrents\2003 Windows XP Pro or Office-XP keygen computes unique cd-keys.exe
C:\Documents and Settings\Administrator\Application Data\Microsoft\Windows\rayiou.exe

Empty Recycle Bin.

Re-scan with kaspersky.

Post:

- a fresh HijackThis log
- kaspersky report

yeager · Jan 31, 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:37:57 PM, on 1/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\ehome\ehSched.exe
C:\windows\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\windows\ALCXMNTR.EXE
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\YEAGER.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_6_0_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [KYE_Showicon] "C:\Program Files\USB Storage RW\shwicon.exe" -t"KYE\USB Storage RW"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [WHITNEY_S2P] C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj .exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office Outlook 2003.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IOGEAR\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1106804790593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160972100265
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lowrance.com/Downloads/Updates/MapCreate/MapCreate620/isetup.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://aciweb.webex.com/client/v_mywebex/training/ieatgpc.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/linklauncher/MotUtil.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\windows\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\windows\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 12276 bytes

yeager · Jan 31, 2008

Kasper 1ST

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, January 31, 2008 2:37:23 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 31/01/2008
Kaspersky Anti-Virus database records: 540538
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
E:\
F:\
H:\
I:\
J:\
K:\
L:\
M:\
N:\

Scan Statistics:
Total number of scanned objects: 177112
Number of viruses found: 23
Number of infected objects: 519
Number of suspicious objects: 0
Duration of the scan process: 03:29:04

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012008013120080201\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF4237.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF425B.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF7C7E.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF7D0E.tmp Object is locked skipped
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12222006-135857.log Object is locked skipped
C:\Documents and Settings\cindy.1COMP\ntuser.dat Object is locked skipped
C:\Documents and Settings\cindy.1COMP\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Data\GAZ\POI_Extinfo.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Data\GAZ\XMAPGAZ.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\dmcRouter.log Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Find_SA2007\MapTag\Maptag.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Find_SA2007\PostalCodes\Multizip.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Find_SA2007\PostalCodes\ZipMBR.ldb Object is locked skipped
C:\Program Files\DeLorme\Street Atlas USA 2007\Radio\Radio.ldb Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chandir.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chandir.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chn.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\chn.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\inuse.txt Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\L0000005.FCS Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\main.log Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_die.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_die.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\storydb.dat Object is locked skipped
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\CHRIS\Data\storydb.idx Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0218468.dll Infected: not-a-virus:AdWare.Win32.PurityScan.gt skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219434.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219435.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219437.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219438.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219439.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219440.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219441.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219442.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219443.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219444.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219446.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219447.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219449.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219450.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219451.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219452.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219453.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219454.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219455.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219456.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219457.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219458.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219459.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219460.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219462.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219463.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219487.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219509.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219510.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219511.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219513.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219514.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219516.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219517.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219518.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219520.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219522.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219523.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219524.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219525.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219526.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219527.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219528.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219529.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219530.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219531.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219535.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219537.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219538.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219556.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1000\A0219560.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219586.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219587.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219590.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219591.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219593.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219594.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219595.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219596.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219598.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219599.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219600.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219601.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219602.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219603.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219604.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219610.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219612.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219613.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219614.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219622.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219626.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219634.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0219637.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220585.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220587.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

yeager · Jan 31, 2008

Kasper 2nd

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220588.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220590.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220591.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220593.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220594.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220595.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220596.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220598.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220599.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220600.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220601.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220602.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220603.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220604.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220605.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220606.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220607.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220608.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220612.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220615.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220618.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220623.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220627.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220631.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220636.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220639.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220662.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220664.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220665.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220669.exe Infected: Trojan-Downloader.Win32.TSUpdate.r skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220670.exe Infected: Trojan-Downloader.Win32.TSUpdate.f skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220671.exe Infected: Trojan-Downloader.Win32.Delf.dlk skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220672.exe Infected: not-a-virus:AdWare.Win32.Rond.d skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220673.exe Infected: Trojan-Downloader.Win32.Agent.cbx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220674.exe Infected: Trojan-Downloader.Win32.Agent.fjn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220680.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220697.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220699.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220703.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220704.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220708.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220709.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220710.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220711.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220712.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220713.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220715.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220716.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220718.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220719.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220720.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220721.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220722.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220724.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220725.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220726.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220727.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220728.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220729.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220730.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220731.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220732.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220733.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220736.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220737.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220738.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220739.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220740.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220741.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220745.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1001\A0220746.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221776.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221777.exe Infected: Trojan-Downloader.Win32.TSUpdate.n skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221778.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221780.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221781.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221783.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221784.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221785.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221786.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221787.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221788.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221789.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221790.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221791.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221792.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221793.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221795.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221796.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221798.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221800.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221823.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221835.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221837.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221838.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221839.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221840.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221841.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221843.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221847.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221849.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221850.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221851.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221852.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221854.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221855.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221858.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221859.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221862.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221863.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221864.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221866.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221869.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221871.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221873.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0221883.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222816.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222817.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

yeager · Jan 31, 2008

Kasper 3rd

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222818.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222821.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222824.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222825.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222828.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222829.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222831.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222832.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222833.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222836.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222840.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222854.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222857.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222858.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222866.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222869.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0222879.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0223806.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0223816.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224812.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224817.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224818.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224819.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224823.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224824.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224825.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224826.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224827.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224828.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224829.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224831.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224832.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224833.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224835.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224840.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224845.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224858.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224860.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224861.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1002\A0224881.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224959.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224960.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224961.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224962.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224963.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224964.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224965.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224967.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224968.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224969.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224970.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224971.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224972.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224974.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224975.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224976.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224977.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224978.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224979.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224982.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224983.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1005\A0224984.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225004.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225005.exe Infected: Trojan-Downloader.Win32.Agent.hvj skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225006.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225007.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225008.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225009.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225010.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225011.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225012.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225013.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.eby skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225016.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225017.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225018.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225020.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225021.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225024.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225028.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225036.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225037.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225039.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225041.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225043.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225044.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225045.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225046.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225047.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225048.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225049.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225050.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225051.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225052.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225053.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225054.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225055.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225056.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225057.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225058.exe Infected: Trojan.Win32.Agent.edq skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225061.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225068.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225069.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dro skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225077.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225316.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225317.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225318.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225319.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225320.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

yeager · Jan 31, 2008

Kasper 4th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225321.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225325.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225334.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225338.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225420.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab/ACROBA~1.EXE Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225507.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab/Keygen.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225508.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/wr-1-922.exe Infected: Trojan-Downloader.Win32.Small.hsg skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE/data0000.cab/is151287.exe Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab/PDF_WR~1.EXE Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe/data0000.cab Infected: Trojan-Downloader.Win32.Small.hwe skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1007\A0225509.exe Rsrc-Package: infected - 5 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\A0225980.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\A0225982.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\A0225983.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\change.log Object is locked skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP910\A0209953.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP910\A0209953.exe RAR: infected - 1 skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP996\A0216136.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP996\A0216158.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0216181.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217181.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217184.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217185.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217186.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217188.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217189.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217190.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217192.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217193.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217194.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217195.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217196.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217197.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217198.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217199.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217200.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217201.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217202.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217203.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217206.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217207.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217209.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217225.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217241.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217242.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217244.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217245.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217246.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217247.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217248.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217250.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217251.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217252.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217253.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217254.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217255.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217259.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217260.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217261.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217262.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217263.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217265.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217266.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217267.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217268.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP998\A0217288.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217313.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217316.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217317.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217318.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217319.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217321.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217322.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217323.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217325.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217326.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217328.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217329.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217330.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217332.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217334.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217335.exe Infected: Trojan-Downloader.Win32.Agent.hql skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217336.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0217337.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218239.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped

yeager · Jan 31, 2008

Kasper 5th

C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218240.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218241.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218243.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218245.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218246.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218247.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218248.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218250.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218251.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218252.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218253.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218254.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218261.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218262.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218263.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218264.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218266.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218267.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218268.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218269.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218270.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218271.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218272.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218294.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218312.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218314.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218315.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218316.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218318.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218320.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218321.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218322.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218325.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218326.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218328.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218329.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218330.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218331.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218332.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218333.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218335.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218339.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218340.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218341.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218342.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218362.exe Infected: Trojan-Downloader.Win32.Adload.pr skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218376.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218383.exe Infected: Trojan-Downloader.Win32.Agent.hvx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218393.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218394.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218405.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218406.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218407.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218408.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218409.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218410.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218411.exe Infected: Trojan-Downloader.Win32.Agent.hcn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218418.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218435.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218436.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218437.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218438.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218439.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218440.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218443.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218444.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218445.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218446.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218448.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218449.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218450.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218451.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218452.EXE Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218453.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218454.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218455.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218456.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218457.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218458.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218459.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218460.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP999\A0218461.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\accwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\crypt32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hh.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhctrl.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\html32.cnv Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\itss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\locator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\magnify.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\migwiz.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\mrxsmb.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\msconv97.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\narrator.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\newdev.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntkrnlpa.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ntoskrnl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\osk.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\pchshell.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\raspptp.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\shmedia.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srrstr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\srv.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\winsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\zipfldr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\expsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexch40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjint40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjter40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msltus40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd2x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrd3x40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswdat10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mswstr10.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\vbajet32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shlwapi.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\Windows_OneCare_Evt.evt Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
H:\System Volume Information\_restore{DAC9DB1F-8BEF-451E-AB3B-6A67094EA198}\RP1010\change.log Object is locked skipped

Scan process completed.

please help virtumonde and win 32

Security Expert: Emeritus

New member

New member

Security Expert: Emeritus

New member

New member

New member

New member

New member

New member

New member

New member

New member

Security Expert: Emeritus

New member

New member

New member

New member

New member

New member