explorer,iexplorer,notepad infected, notepad corrupted
maani
post Jul 17 2008, 01:40 AM
OS: XP



I will post in short to save your time. It started like this:
1: When I double-clicked any drive in My Computer, it opened in a new window, although I configured my computer to open a new process in the same window.
2: TOAD for Oracle would give an access violation message every now and then.
3: Notepad crashed. Whatever I open, an access violation occurs.
4: I followed the instructions mentioned in the Geeks to Go forum. Executed ATF-Cleaner, Malwarebytes Anti-Malware, the online Panda scan and HijackThis.
5: I would like to mention that the malware and HijackThis setup executed once I renamed them. Otherwise, they did not execute.
I'm pasting the logs below. Files are attached as well (maybe they are more readable). Waiting for a reply as well.

======================================================================
Malwarebytes' Anti-Malware 1.20
Database version: 960
Windows 5.1.2600 Service Pack 2

11:24:16 AM 7/17/2008
mbam-log-7-17-2008 (11-24-16).txt

Scan type: Quick Scan
Objects scanned: 75727
Time elapsed: 8 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 3
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 14

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> Unloaded module successfully.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{88abc5c0-4fcb-11bb-aax5-81cx1c635612} (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kamsoft (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\amva (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f08a9bfb (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\m88coaim.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Documents and Settings\ssa\Local Settings\Temp\tru17D.tmp (Trojan.Vaklik) -> Quarantined and deleted successfully.
C:\Documents and Settings\ssa\Local Settings\Temp\tru3.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ckvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\spoolsv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\xmnm2.cmd (Trojan.Agent) -> Quarantined and deleted successfully.
C:\6x8be16.cmd (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clbdll.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\clbdriver.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\ssa\Local Settings\Temp\tru4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\ssa\Local Settings\Temp\tru5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

===================================ActiveScan report==============================
;*******************************************************************************
ANALYSIS: 2008-07-17 13:00:27
PROTECTIONS: 1
MALWARE: 21
SUSPECTS: 0
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
Kaspersky Anti-Virus 6.0 6.0.2.621 No No
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00199231 HackTool/EvID HackTools No 0 No No D:\my docs\articles\MISC\RCD\evid4226patch223d-en.rar[EvID4226Patch.exe]
01048152 Generic Malware Virus/Trojan No 0 Yes No D:\Installer\dev tools\DB Design\Case Studio\ac-casestud.exe
01048152 Generic Malware Virus/Trojan No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP273\A0057713.exe
01048152 Generic Malware Virus/Trojan No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP273\A0057731.exe
01048152 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP273\A0057677.exe
01048152 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\RKSoft\CASEStudio2\Bin\ac-casestud.exe
01170204 W32/Almanahe.C Virus No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057836.exe
01170204 W32/Almanahe.C Virus No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057837.exe
02513660 Adware/VideoAddon Adware No 0 No No D:\my docs\salman\fsd\softwares\setup.exe[²ÜÇ\larm.dll]
02893802 Adware/AntivirusPro Adware No 0 Yes No C:\Documents and Settings\All Users\Start Menu\Programs\Startup\msupd51195.exe
02894247 Trj/Inject.AJ Virus/Trojan No 0 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\tmp402.tmp
02894247 Trj/Inject.AJ Virus/Trojan No 0 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\tmp2.tmp
02910694 W32/Lineage.HZB.worm Virus/Worm No 1 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\5o.dll
02912157 W32/Spamta.gen.worm Virus/Worm No 0 Yes No D:\Installer\multimedia\mp3splitter\mp3splitter.exe
02936411 W32/Lineage.IGF Virus No 0 Yes No D:\oq.cmd
02936411 W32/Lineage.IGF Virus No 0 Yes No F:\oq.cmd
02936411 W32/Lineage.IGF Virus No 0 Yes No C:\oq.cmd
02936411 W32/Lineage.IGF Virus No 0 Yes No E:\oq.cmd
02936420 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\7bpapp.dll
03072941 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\do5.dll
03073196 W32/Lineage.ISV.worm Virus/Worm No 0 Yes No F:\m88coaim.exe
03073196 W32/Lineage.ISV.worm Virus/Worm No 0 Yes No C:\Documents and Settings\ssa\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.72114
03073196 W32/Lineage.ISV.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057811.exe
03073196 W32/Lineage.ISV.worm Virus/Worm No 0 Yes No D:\m88coaim.exe
03073196 W32/Lineage.ISV.worm Virus/Worm No 0 Yes No E:\m88coaim.exe
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051176.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050963.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051086.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051033.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051037.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051082.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050967.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051172.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050919.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051190.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050868.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051204.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050763.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051291.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050162.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051300.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050111.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051411.exe
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051414.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050073.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050113.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050915.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\6x8be16.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050158.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050075.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050164.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051194.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050864.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050765.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050870.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050921.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050969.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051039.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051088.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051416.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051420.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051304.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051293.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051206.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051192.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051309.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051174.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051084.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051035.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051297.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050965.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050917.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050866.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051210.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050761.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050160.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050109.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051196.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050107.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050071.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051418.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051208.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051178.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050759.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051307.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057813.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051295.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No D:\6x8be16.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\Documents and Settings\ssa\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.45264
03074361 W32/Lineage.ITK Virus No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050069.cmd
03074361 W32/Lineage.ITK Virus No 1 Yes No F:\6x8be16.cmd
03074367 W32/Lineage.ITK.worm Virus/Worm No 0 Yes No C:\Documents and Settings\ssa\Local Settings\Temp\qrwafza.dll
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050766.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050076.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051179.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050072.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051419.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050110.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051197.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050161.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050070.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050762.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051308.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050867.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050108.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050918.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051211.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050966.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051296.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051036.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051298.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051085.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050159.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051175.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051209.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051193.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050760.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051207.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051310.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051294.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051195.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051305.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051421.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051417.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051089.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050865.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051177.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050916.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051040.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051087.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050964.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051038.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050970.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP242\A0051034.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP241\A0050968.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP243\A0051083.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050922.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP240\A0050920.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP244\A0051173.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050869.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP245\A0051191.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050764.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP239\A0050871.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP246\A0051205.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050163.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP247\A0051292.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP249\A0051415.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP236\A0050074.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050112.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP248\A0051303.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP238\A0050165.inf
03074376 W32/Lineage.ITK.worm Virus/Worm No 1 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP237\A0050114.inf
03128440 Adware/AccesMembre Adware No 0 Yes No C:\Documents and Settings\ssa\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96201
03128440 Adware/AccesMembre Adware No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057812.exe
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051657.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051548.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057795.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051746.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051471.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051651.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051758.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051453.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053798.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054954.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055131.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055104.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051554.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054950.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051740.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054937.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054806.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051477.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054794.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054941.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053794.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051754.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051752.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051742.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051653.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051459.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051550.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051473.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053792.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051455.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054792.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054804.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055135.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054935.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054948.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054976.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055108.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055102.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055129.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054798.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051457.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054982.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051475.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057799.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051552.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057793.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051655.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054810.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051744.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054978.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051756.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057797.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053796.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055133.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054796.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055106.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054808.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054980.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054939.inf
03162774 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054952.inf
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054951.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054979.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054938.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055105.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054807.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055132.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054795.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057796.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053795.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\xmnm2.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051755.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051743.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051654.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051551.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051474.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051456.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\xmnm2.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057794.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055130.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055103.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054977.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054949.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054936.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054805.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053793.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051753.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP254\A0051741.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP253\A0051652.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP252\A0051549.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051472.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No D:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051454.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054981.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057752.exe
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055107.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055128.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP262\A0055101.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054975.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP263\A0055134.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP261\A0054947.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054934.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP260\A0054803.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0054791.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP275\A0057798.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP250\A0051458.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP259\A0053791.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP251\A0051476.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP255\A0051751.cmd
03204770 W32/Lineage.IYF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-
Attached File(s)
Attached File  mbam_log_7_17_2008__11_24_16_.txt ( 2.76K ) Number of downloads: 1
Attached File  ActiveScan.txt ( 75.67K ) Number of downloads: 2
Attached File  uninstall_list.txt ( 2.4K ) Number of downloads: 2
 
Mike
post Jul 17 2008, 06:57 AM
Post #2


Malware Monger
Posts: 2,722
OS: XP Professional SP3



Hi there,

Please don't use any flash drives or USB drives - you have a worm that could possibly spread through them.

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Note: These logs may be too large to post in one reply; if so, please post extra.txt in a separate reply.

This post has been edited by Mike: Jul 17 2008, 07:00 AM
 
maani
post Jul 17 2008, 08:49 PM
Post #3


New Member
*
Posts: 6
OS: XP



Thanks, Mike, for your prompt reply.
Thanks for your advice, but my office LAN is full of viruses, and all of our flashes get infected with a virus which starts creating folder_name.exe, plus tampering with the context menu and showing some Chinese or something there, removing Folder Options, etc. I hope you will advise some remedy for this as well.
Here I am posting the logs.
**********************************************************MAIN . LOG ************************************
Deckard's System Scanner v20071014.68
Run by ssa on 2008-07-18 08:29:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
41: 2008-07-18 03:30:03 UTC - RP276 - Deckard's System Scanner Restore Point
40: 2008-07-17 04:40:54 UTC - RP275 - Installed SUPERAntiSpyware Free Edition
39: 2008-07-17 04:06:37 UTC - RP274 - before removing removing malware
38: 2008-07-16 09:17:06 UTC - RP273 - System Checkpoint
37: 2008-07-15 09:01:53 UTC - RP272 - Removed DVD Panther


-- First Restore Point --
1: 2008-07-14 08:49:03 UTC - RP236 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as ssa.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:33 AM, on 7/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
E:\ora92\bin\omtsreco.exe
E:\ora92\bin\agntsrvc.exe
E:\ora92\Apache\Apache\apache.exe
C:\WINDOWS\system32\cmd.exe
E:\ora92\BIN\TNSLSNR.exe
E:\ora92\bin\dbsnmp.exe
e:\ora92\bin\ORACLE.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SiteAdvisor\6261\SAService.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\SiteAdvisor\6261\SiteAdv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\ora92\Apache\Apache\apache.exe
E:\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
E:\ora92\jdk\bin\java.exe
E:\ora92\jdk\bin\java.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe