Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Vundo MetaJuan and More Viruses

Started by gzan , Jun 23 2008 03:58 PM

  • Please log in to reply

#1
gzan
Posted 23 June 2008 - 03:58 PM

gzan

    New Member

  • Member
  • Pip
  • 1 posts
XP Sp2
I am really having problems from Pop Ups to not being able to surf the web.
I have run all different Virus and adware removel tools, no luck.
I have logs from ComboFix, TrendMIrco HiJackThis and Kaspersky.
Please help me before I format my system.
ComboFix 08-06-20.4 - gzan 2008-06-22 19:06:06.2 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1665 [GMT -4:00]
Running from: C:\Documents and Settings\gzan\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINXP\BM8b055889.xml
C:\WINXP\pskt.ini
.
---- Previous Run -------
.
C:\WINXP\BM8b055889.xml
C:\WINXP\cookies.ini
C:\WINXP\pskt.ini
C:\WINXP\system32\accdd.ini
C:\WINXP\system32\accdd.ini2
C:\WINXP\system32\amtwwiwo.ini
C:\WINXP\system32\ayntkrob.dll
C:\WINXP\system32\bbJiknpo.ini
C:\WINXP\system32\bbJiknpo.ini2
C:\WINXP\system32\BdfOrtwa.ini
C:\WINXP\system32\BdfOrtwa.ini2
C:\WINXP\system32\biquyttt.dll
C:\WINXP\system32\bsxgkvot.dll
C:\WINXP\system32\cdvugwve.ini
C:\WINXP\system32\cijaelnx.ini
C:\WINXP\system32\cIllmUvw.ini
C:\WINXP\system32\cIllmUvw.ini2
C:\WINXP\system32\ckrvlqmk.dll
C:\WINXP\system32\cmrugvlv.dll
C:\WINXP\system32\deweywnf.ini
C:\WINXP\system32\dtrqhexs.ini
C:\WINXP\system32\dyhmxkrn.ini
C:\WINXP\system32\eaisswin.dll
C:\WINXP\system32\efhQtBeg.ini
C:\WINXP\system32\efhQtBeg.ini2
C:\WINXP\system32\egxwahsv.ini
C:\WINXP\system32\EOVDLkkj.ini
C:\WINXP\system32\EOVDLkkj.ini2
C:\WINXP\system32\fghtoewy.ini
C:\WINXP\system32\fMSsvyxx.ini
C:\WINXP\system32\fMSsvyxx.ini2
C:\WINXP\system32\fOrXbccf.ini
C:\WINXP\system32\fOrXbccf.ini2
C:\WINXP\system32\fxgurkow.dll
C:\WINXP\system32\gaidnrxm.dll
C:\WINXP\system32\GhQqWvut.ini
C:\WINXP\system32\GhQqWvut.ini2
C:\WINXP\system32\gsuhusmt.ini
C:\WINXP\system32\hgGvTLca.dll
C:\WINXP\system32\hvsnoqra.ini
C:\WINXP\system32\ihjnrtab.ini
C:\WINXP\system32\iifgHwwt.dll
C:\WINXP\system32\ilVvyyxx.ini
C:\WINXP\system32\ilVvyyxx.ini2
C:\WINXP\system32\jklkmUvw.ini
C:\WINXP\system32\jklkmUvw.ini2
C:\WINXP\system32\jolwfnut.ini
C:\WINXP\system32\jviwvfyt.dll
C:\WINXP\system32\jyqqbsep.ini
C:\WINXP\system32\klicpvvk.ini
C:\WINXP\system32\lgluaxbr.dll
C:\WINXP\system32\mcfmhkbb.ini
C:\WINXP\system32\mcrh.tmp
C:\WINXP\system32\mmllm.ini2
C:\WINXP\system32\mtxdsmgt.ini
C:\WINXP\system32\mVEdLRqr.ini
C:\WINXP\system32\mVEdLRqr.ini2
C:\WINXP\system32\mxrndiag.ini
C:\WINXP\system32\nmyvabla.dll
C:\WINXP\system32\nqpmjivs.dll
C:\WINXP\system32\owiwwtma.dll
C:\WINXP\system32\pesbqqyj.dll
C:\WINXP\system32\porqBcfe.ini
C:\WINXP\system32\porqBcfe.ini2
C:\WINXP\system32\psvxyyxx.ini
C:\WINXP\system32\psvxyyxx.ini2
C:\WINXP\system32\pXaHNqss.ini
C:\WINXP\system32\pXaHNqss.ini2
C:\WINXP\system32\qabnlfne.dll
C:\WINXP\system32\qtvwa.ini2
C:\WINXP\system32\rbxaulgl.ini
C:\WINXP\system32\sdqtwwmp.ini
C:\WINXP\system32\sxehqrtd.dll
C:\WINXP\system32\tmsuhusg.dll
C:\WINXP\system32\tovkgxsb.ini
C:\WINXP\system32\tuwxxyay.ini
C:\WINXP\system32\tuwxxyay.ini2
C:\WINXP\system32\twwHgfii.ini
C:\WINXP\system32\twwHgfii.ini2
C:\WINXP\system32\uxwEOqru.ini
C:\WINXP\system32\uxwEOqru.ini2
C:\WINXP\system32\vcbnfhhs.dll
C:\WINXP\system32\vDdMUvut.ini
C:\WINXP\system32\vDdMUvut.ini2
C:\WINXP\system32\vEdKlUtv.ini
C:\WINXP\system32\vEdKlUtv.ini2
C:\WINXP\system32\vGgjQqss.ini
C:\WINXP\system32\vGgjQqss.ini2
C:\WINXP\system32\vlvgurmc.ini
C:\WINXP\system32\vtnbmqko.ini
C:\WINXP\system32\wjfowuqs.dll
C:\WINXP\system32\wqjqosdt.dll
C:\WINXP\system32\wwogqjql.ini
C:\WINXP\system32\xpujrrcd.ini
C:\WINXP\system32\XxxEgfii.ini
C:\WINXP\system32\XxxEgfii.ini2
C:\WINXP\system32\ycaoamsr.ini
C:\WINXP\system32\yFNooUtv.ini
C:\WINXP\system32\yFNooUtv.ini2
C:\WINXP\system32\yweothgf.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR


((((((((((((((((((((((((( Files Created from 2008-05-22 to 2008-06-22 )))))))))))))))))))))))))))))))
.

2008-06-22 18:53 . 2008-06-13 09:10 272,128 --------- C:\WINXP\system32\dllcache\bthport.sys
2008-06-22 18:52 . 2008-06-22 18:52 <DIR> d-------- C:\WINXP\LastGood
2008-06-22 17:53 . 2008-06-22 17:53 <DIR> d-------- C:\VundoFix Backups
2008-06-22 17:13 . 2008-06-22 17:17 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\Uniblue
2008-06-22 14:16 . 2008-06-22 14:16 80,384 --a------ C:\WINXP\system32\vshawxge.dll
2008-06-22 14:13 . 2008-06-22 14:13 99,328 --a------ C:\WINXP\system32\xoelflpm.dll
2008-06-22 14:10 . 2008-06-22 14:10 90,624 --a------ C:\WINXP\system32\ohkwwmkc.dll
2008-06-22 09:32 . 2008-06-22 09:32 80,384 --a------ C:\WINXP\system32\evwguvdc.dll
2008-06-22 09:29 . 2008-06-22 09:29 99,328 --a------ C:\WINXP\system32\xonupcvt.dll
2008-06-22 09:26 . 2008-06-22 09:26 90,624 --a------ C:\WINXP\system32\skifmikl.dll
2008-06-21 10:53 . 2008-06-21 10:53 81,408 --a------ C:\WINXP\system32\okqmbntv.dll
2008-06-21 10:51 . 2008-06-21 10:51 99,328 --a------ C:\WINXP\system32\kfmoggcs.dll
2008-06-21 10:51 . 2008-06-21 10:51 90,112 --a------ C:\WINXP\system32\kdktrssw.dll
2008-06-20 18:05 . 2008-06-20 18:05 99,328 --a------ C:\WINXP\system32\vrldfhsu.dll
2008-06-20 18:02 . 2008-06-20 18:02 90,624 --a------ C:\WINXP\system32\xfgfujyd.dll
2008-06-20 18:02 . 2008-06-20 18:02 79,872 --a------ C:\WINXP\system32\lqjqgoww.dll
2008-06-16 01:18 . 2008-06-16 01:18 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-06-11 15:38 . 2008-06-11 15:40 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Lavasoft
2008-06-10 12:48 . 2007-10-15 19:39 102,664 --a------ C:\WINXP\system32\drivers\tmcomm.sys
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Program Files\Apple Software Update
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Apple Computer
2008-06-07 00:07 . 2008-06-07 00:07 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Apple
2008-05-24 17:28 . 2008-05-24 17:28 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\acccore
2008-05-24 17:26 . 2008-05-24 17:26 <DIR> d-------- C:\Documents and Settings\gzan\Application Data\Viewpoint
2008-05-24 17:26 . 2008-05-24 17:26 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\Viewpoint
2008-05-24 17:25 . 2008-05-24 17:25 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\AOL OCP
2008-05-24 17:25 . 2008-05-24 17:25 <DIR> d-------- C:\Documents and Settings\All Users.WINXP\Application Data\AOL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-22 23:01 --------- d-----w C:\Program Files\Symantec AntiVirus 10
2008-06-22 22:57 --------- d-----w C:\Documents and Settings\gzan\Application Data\DNA
2008-06-22 02:59 --------- d-----w C:\Program Files\WinstonPoker
2008-06-22 02:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-22 02:37 --------- d-----w C:\Program Files\Coupons
2008-06-16 07:18 --------- d-----w C:\Program Files\Common Files\Media
2008-06-13 13:10 272,128 ----a-w C:\WINXP\system32\drivers\bthport.sys
2008-06-11 19:39 --------- d-----w C:\Program Files\Lavasoft
2008-06-11 19:39 --------- d-----w C:\Documents and Settings\gzan\Application Data\Lavasoft
2008-06-07 22:34 --------- d-----w C:\Documents and Settings\gzan\Application Data\BitTorrent
2008-06-07 19:55 --------- d-----w C:\Documents and Settings\gzan\Application Data\LimeWire
2008-06-07 15:09 --------- d-----w C:\Program Files\Games
2008-06-07 04:08 --------- d-----w C:\Program Files\QuickTime
2008-05-24 21:26 --------- d-----w C:\Program Files\Viewpoint
2008-05-24 21:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-05-16 15:58 12,632 ----a-w C:\WINXP\system32\lsdelete.exe
2008-05-13 18:03 98,304 ----a-w C:\WINXP\DUMP5bfa.tmp
2008-05-11 13:11 --------- d-----w C:\Documents and Settings\gzan\Application Data\AdobeUM
2008-05-10 16:38 98,304 ----a-w C:\WINXP\DUMP5b7d.tmp
2008-05-08 15:03 98,304 ----a-w C:\WINXP\DUMP6282.tmp
2008-05-08 12:28 202,752 ----a-w C:\WINXP\system32\drivers\rmcast.sys
2008-05-08 12:28 202,752 ----a-w C:\WINXP\system32\dllcache\rmcast.sys
2008-05-07 11:20 98,304 ----a-w C:\WINXP\DUMP6503.tmp
2008-05-07 05:18 1,287,680 ----a-w C:\WINXP\system32\quartz.dll
2008-05-07 05:18 1,287,680 ------w C:\WINXP\system32\dllcache\quartz.dll
2008-05-04 17:54 --------- d-----w C:\Program Files\Lexmark 3100 Series
2008-05-03 01:27 --------- d-----w C:\Documents and Settings\gzan\Application Data\GoodSync
2008-04-29 15:20 15,648 ----a-w C:\WINXP\system32\drivers\NSDriver.sys
2008-04-29 15:19 15,648 ----a-w C:\WINXP\system32\drivers\Awrtrd.sys
2008-04-29 15:19 12,960 ----a-w C:\WINXP\system32\drivers\Awrtpd.sys
2008-04-24 02:16 3,591,680 ----a-w C:\WINXP\system32\dllcache\mshtml.dll
2008-04-23 23:00 --------- d-----w C:\Documents and Settings\All Users.WINXP\Application Data\GamesForOne
2008-04-22 07:40 625,664 ------w C:\WINXP\system32\dllcache\iexplore.exe
2008-04-22 07:39 70,656 ------w C:\WINXP\system32\dllcache\ie4uinit.exe
2008-04-22 07:39 13,824 ------w C:\WINXP\system32\dllcache\ieudinit.exe
2008-04-20 05:07 161,792 ----a-w C:\WINXP\system32\dllcache\ieakui.dll
2008-04-04 10:46 98,304 ----a-w C:\WINXP\DUMP61a8.tmp
2008-04-01 23:44 691,545 ----a-w C:\WINXP\unins000.exe
2008-03-27 08:12 151,583 ----a-w C:\WINXP\system32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINXP\system32\dllcache\msjint40.dll
2007-09-27 21:01 630,784 ----a-w C:\Documents and Settings\gzan\GoToAssist_chat2way__317_en.exe
2005-01-05 02:24 45,984 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2004-04-15 23:03 450,560 ----a-w C:\Documents and Settings\Administrator\chatlnk.exe
2002-10-13 02:00 271 --sha-w C:\Program Files\desktop.ini
2002-10-13 02:00 21,952 ---ha-w C:\Program Files\folder.htt
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A946CA43-D5C4-485B-813E-7EEC73A0183C}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINXP\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 14:39 1289000]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-05-09 18:02 289088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINXP\system32\NvCpl.dll" [2006-03-09 15:29 7561216]
"nwiz"="nwiz.exe" [2006-03-09 15:29 1519616 C:\WINXP\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 18:07 61952 C:\WINXP\system32\HdAShCut.exe]
"nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-07-29 18:25 270336]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-06-02 10:21 48752]
"vptray"="C:\PROGRA~1\SYMANT~2\VPTray.exe" [2005-06-23 20:27 85696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 10:57 133016]
"NvMediaCenter"="NvMCTray.dll" [2006-03-09 15:29 86016 C:\WINXP\system32\nvmctray.dll]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-19 15:52 15797248 C:\WINXP\RTHDCPL.exe]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2007-11-15 22:51 166304]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2008-03-14 11:41 498176]
"TMRUBottedTray"="C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2007-12-19 00:18 288088]
"LXBRKsk"="C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe" [2003-06-13 10:57 294912]
"Lexmark 3100 Series"="C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-03 22:33 106496]
"BM8b055889"="C:\WINXP\system32\kdktrssw.dll" [2008-06-21 10:51 90112]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2004-07-30 19:24:08 225280]
PowerReg Scheduler.exe [2004-07-14 19:03:34 256000]

C:\Documents and Settings\All Users.WINXP\Start Menu\Programs\Startup\
PC Alert 4.lnk - C:\Program Files\MSI\PC Alert 4\PCAlert4.exe [2007-09-29 09:58:38 552960]
VPN Client.lnk - C:\WINXP\Installer\{3E5562ED-69AB-4CEC-91E2-64E18EC5ACC6}\Icon3E5562ED7.ico [2006-01-01 15:13:40 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VQC4"= VQ318DEC.dll

[HKLM\~\startupfolder\C:^Documents and Settings^gzan^Start Menu^Programs^Startup^Diskeeper 9 Professional Edition Registration.lnk]
path=C:\Documents and Settings\gzan\Start Menu\Programs\Startup\Diskeeper 9 Professional Edition Registration.lnk
backup=C:\WINXP\pss\Diskeeper 9 Professional Edition Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM8b055889]
--a------ 2008-06-20 18:02 90624 C:\WINXP\system32\xfgfujyd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"NeroCheck"=C:\WINXP\system32\NeroCheck.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINXP\\system32\\mmc.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\Utils\\aim\\aim.exe"=
"C:\\Program Files\\Hummingbird\\Connectivity\\7.10\\Exceed\\exceed.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=

R3 TMPassthruMP;TMPassthruMP;C:\WINXP\system32\DRIVERS\TMPassthru.sys [2007-11-27 22:51]
S2 lsass;Local Security Authority Subsystem Service;"C:\WINXP\scvhost.exe" []
S2 RUBotted;Trend Micro RUBotted Service;"C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe" [2007-12-19 00:18]
S2 SwsVpkt;Packet driver;C:\WINXP\system32\DRIVERS\SwsVpkt.sys [2006-05-20 15:58]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S2 zumbus;Zune Bus Enumerator Driver;C:\WINXP\system32\DRIVERS\zumbus.sys [2007-11-15 22:38]
S2 ZuneBusEnum;Zune Bus Enumerator;c:\WINXP\system32\ZuneBusEnum.exe [2007-11-15 22:51]
S3 Cap7134;TVFM 503 WDM Video Capture;C:\WINXP\system32\DRIVERS\Cap7134.sys [2003-01-25 16:54]
S3 CV2K1;CommView Network Monitor;C:\WINXP\system32\DRIVERS\cv2k1.sys [2006-01-17 21:33]
S3 DCamUSBLTN;M318B Digital Video Camera;C:\WINXP\system32\DRIVERS\vq318vid.sys [2002-04-22 09:28]
S3 TMPassthru;Trend Micro Passthru Ndis Service;C:\WINXP\system32\DRIVERS\TMPassthru.sys [2007-11-27 22:51]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\WINXP\system32\ZuneWlanCfgSvc.exe [2007-11-15 22:51]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6e0026c2-a0b8-11da-a475-00059a3c7800}]
\Shell\AutoRun\command - C:\WINXP\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL usbbackupclient.exe 192.168.1.30

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9bd923d-fcb7-11dc-b2ec-0013d3cc69ec}]
\Shell\AutoRun\command - H:\Launch.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-06-20 13:22:04 C:\WINXP\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-22 21:13:27 C:\WINXP\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-06-22 21:13:25 C:\WINXP\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 19:13:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-22 19:32:36
ComboFix-quarantined-files.txt 2008-06-22 23:32:34

Pre-Run: 43,842,696,192 bytes free
Post-Run: 43,821,925,376 bytes free

293 --- E O F --- 2008-06-22 23:01:11

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, June 23, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, June 23, 2008 01:57:29
Records in database: 880348
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
G:\
Y:\

Scan statistics:
Files scanned: 296329
Threat name: 77
Infected objects: 230
Suspicious objects: 2
Duration of the scan: 07:54:51


File name / Threat name / Threats count
C:\alldownloads\pkwin95\pk2602ad.exe Infected: not-a-virus:AdWare.Win32.TimeSink 1
C:\Documents and Settings\Administrator\.housecall\Quarantine\CpnMgr.dll.bac_a01952 Infected: not-a-virus:AdWare.Win32.CoolSavings.a 1
C:\Documents and Settings\Administrator\.housecall\Quarantine\disp1050.exe.bac_a01952 Infected: not-a-virus:AdWare.Win32.WebRebates.c 1
C:\Documents and Settings\Administrator\Desktop\appz\Bart\tbar.exe Infected: not-a-virus:AdWare.Win32.Dogpile.a 2
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\addressableSystems.dbx Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.pac 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.bo 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Suspicious: Trojan-Spy.HTML.Fraud.gen 2
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Deleted Items (1).dbx Infected: Email-Worm.Win32.Bagle.cs 1
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{FDC62E7D-2E2D-42CE-98D0-715E1EAF91CC}\Microsoft\Outlook Express\Inbox.dbx Infected: Trojan-Downloader.Win32.Bagle.e 1
C:\Documents and Settings\Administrator\My Documents\Cablevision workstuff\Voom\gponick\My Documents\zips\vnc_x86_win32.zip Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.333 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80000.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80002.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80004.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\05B80006.VBN Infected: not-a-virus:AdWare.Win32.PerMedia 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\01180000\451AF5A3.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1B.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1C.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540000\47F40E1D.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540001\47F40E25.VBN Infected: Trojan-Downloader.Win32.Dyfuca.ei 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540002\47F40E27.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540003\47F40E7B.VBN Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540004\47F40E7F.VBN Infected: not-a-virus:AdWare.Win32.Mirar.b 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E82.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E83.VBN Infected: not-a-virus:AdWare.Win32.Ucmore 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540005\47F40E84.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540006\47F42148.VBN Infected: Trojan-Downloader.Win32.IstBar.ir 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540008\47F422A8.VBN Infected: Trojan-Downloader.JS.IstBar.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540009\47F422B1.VBN Infected: Trojan-Clicker.JS.Linker.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000A\47F422BC.VBN Infected: Trojan-Downloader.Win32.VB.ov 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000C.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000D.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000E\47F422D3.VBN Infected: Trojan-Downloader.Win32.Adload.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454000F\47F422DD.VBN Infected: Trojan-Downloader.JS.IstBar.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540010\47F422E6.VBN Infected: Trojan-Downloader.JS.Small.ag 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540011\47F422F0.VBN Infected: Trojan-Downloader.Win32.IstBar.or 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540012\47F4297C.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540013\47F43889.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540014\47F43895.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540015\47F438A0.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540017\47F43AEA.VBN Infected: not-a-virus:AdTool.Win32.WhenU.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540018\47F43ED6.VBN Infected: not-a-virus:AdWare.Win32.Sud.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540019\47F43EEC.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001A\47F43EF8.VBN Infected: Trojan-Downloader.Win32.Qoologic.az 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001B\47F43F0A.VBN Infected: Trojan.Win32.Pakes 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001C\47F43F15.VBN Infected: Trojan-Downloader.Win32.Qoologic.bd 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001D\47F43FC1.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 2
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001D\47F43FC1.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001E\47F43FCC.VBN Infected: Trojan-Downloader.Win32.IstBar.or 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454001F\47F43FD6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540020.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540021.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540022\47F43FE0.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540023\47F43FE9.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540024\47F43FF2.VBN Infected: not-a-virus:AdWare.Win32.Mirar.d 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540025\47F43FFC.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540026\47F44039.VBN Infected: not-a-virus:AdWare.Win32.SaveNow.bj 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540027\47F44042.VBN Infected: Trojan-Downloader.Win32.VB.ov 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540028.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540029.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002A\47F44056.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002A\47F44056.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002D\47F445AE.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002E\47F445B7.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454002F\47F445C0.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540031\47F445D2.VBN Infected: not-a-virus:AdWare.Win32.Sud.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540032\47F445DA.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540033\47F445E5.VBN Infected: Trojan-Downloader.Win32.TSUpdate.n 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540034\47F445EE.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540035\47F445F7.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540036\47F4460A.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540037\47F44615.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540038\47F44621.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540039\47F4462C.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003A\47F44636.VBN Infected: Trojan-Dropper.Win32.Small.qn 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003B\47F4463F.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003C\47F44648.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003D\47F44651.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003E\47F4465A.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454003F\47F44664.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540040\47F4466D.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540041\47F44675.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540042\47F4467E.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540043\47F44687.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540043\47F44687.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540044\47F44690.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540045\47F4469A.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540046\47F446A4.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540048\47F446B6.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540049\47F446C5.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004A\47F446CE.VBN Infected: not-a-virus:AdWare.Win32.Mirar.b 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004B\47F446D7.VBN Infected: Trojan-Downloader.Win32.Dyfuca.ei 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004C\47F446E0.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004D\47F446E9.VBN Infected: not-a-virus:AdWare.Win32.Ucmore 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004E\47F446F2.VBN Infected: Trojan-Downloader.Win32.IstBar.ir 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454004F\47F446FC.VBN Infected: Trojan-Downloader.Win32.TSUpdate.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540050\47F44704.VBN Infected: Trojan-Downloader.Win32.TSUpdate.p 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540051\47F4470F.VBN Infected: Trojan-Downloader.Win32.TSUpdate.f 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540052\47F44718.VBN Infected: not-a-virus:AdWare.Win32.Ucmore.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540054\47F4472B.VBN Infected: not-a-virus:AdWare.Win32.SaveNow.bj 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540055.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540056.VBN Infected: not-a-virus:AdWare.Win32.MediaMotor.k 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540058\47F4473C.VBN Infected: not-a-virus:AdTool.Win32.WhenU.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540059\47F44745.VBN Infected: not-a-virus:AdWare.Win32.Sud.e 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005A\47F44750.VBN Infected: Trojan-Downloader.Win32.Qoologic.az 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005B\47F4475C.VBN Infected: Trojan.Win32.Pakes 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005C\47F44767.VBN Infected: Trojan-Downloader.Win32.Qoologic.bd 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005D\47F44770.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005D\47F44770.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 4
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005E\47F448B5.VBN Infected: Trojan-Dropper.Win32.Small.qn 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0454005F\47F448C6.VBN Infected: Trojan-Downloader.Win32.TSUpdate.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540060\47F448CF.VBN Infected: Trojan-Downloader.Win32.Small.buy 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04540061\47F448D8.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\04940000\47FD3468.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\05040000\45055EB0.VBN Infected: Trojan-Downloader.Win32.Small.bmx 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB48E.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB48F.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\060C0000\47ECB490.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\06BC0000\47FFE70B.VBN Infected: Trojan-Downloader.Win32.IstBar.gen 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4B.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4C.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4D.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240000\4BE40B4E.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6A.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6B.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6C.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240001\4BE40B6D.VBN Infected: Trojan-Downloader.Win32.Qoologic.at 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08240002.VBN Infected: not-a-virus:AdWare.Win32.Virtumonde.kts 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08380000\4BFBCA76.VBN Infected: Trojan-Clicker.JS.Linker.j 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08380001\4BFBCAAA.VBN Infected: Trojan-Downloader.JS.Small.ag 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08A00000.VBN Infected: Backdoor.Win32.SdBot.alz 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09000000\4BE3FFAA.VBN Infected: not-a-virus:AdWare.Win32.Sud.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2136.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2137.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0000\4BFD2138.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A47.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A48.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09BC0001\4BFD3A49.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09C80000.VBN Infected: Trojan-Downloader.Win32.Small.cam 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A9C0000\4BFCCC42.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AA80000.VBN Infected: Trojan-Downloader.Win32.Adload.l 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB80000\4EB873D0.VBN Infected: not-a-virus:AdWare.Win32.NewDotNet.i 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AF00000\4BF96851.VBN Infected: Trojan-Downloader.Win32.VB.ri 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ai 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.aa 2
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BA80000\4FA81629.VBN Infected: not-a-virus:AdWare.Win32.SurfSide.ak 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80000\4FF96B46.VBN Infected: Trojan.Win32.StartPage.ahg 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80001\4FF96B5A.VBN Infected: Trojan-Clicker.Win32.VB.kc 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80002.VBN Infected: Trojan-Downloader.Win32.VB.vr 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80003\4FF987D9.VBN Infected: Trojan.Win32.StartPage.ahg 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80004\4FF987ED.VBN Infected: Trojan-Downloader.Win32.VB.ri 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80005\4FF987FE.VBN Infected: Trojan-Downloader.Win32.VB.vr 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CF80006\4FF98810.VBN Infected: Trojan-Clicker.Win32.VB.kc 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0000\4FFC0BD0.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0000\4FFC0BD1.VBN Infected: not-a-virus:AdWare.Win32.Suggestor.o 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE5.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.351 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE6.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE7.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BE9.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BEA.VBN Infected: not-a-virus:AdWare.Win32.WebHancer 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0001\4FFC0BEB.VBN Infected: not-a-virus:AdWare.Win32.WebHancer.381 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0002\4FFC0BFB.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CFC0002\4FFC0BFC.VBN Infected: not-a-virus:AdWare.Win32.CommAd.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EE40000\4EF50FBC.VBN Infected: not-a-virus:Monitor.Win32.NetMon.a 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FF0000E.VBN Infected: not-a-virus:AdWare.Win32.MDH.g 1
C:\Documents and Settings\All Users.WINXP\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0FF0000F.VBN Infected: not-a-virus:AdWare.Win32.MDH.g 1
C:\Documents and Settings\gzan\.housecall6.6\Quarantine\css4[1].bac_a02068 Infected: not-a-virus:AdWare.Win32.Virtumonde.lrz 1
C:\Documents and Settings\gzan\.housecall6.6\Quarantine\ddcca.dll.bac_a03352 Infected: Trojan.Win32.Monder.gen 1
C:\Documents and Settings\gzan\Desktop\appz\Bart\tbar.exe Infected: not-a-virus:AdWare.Win32.Dogpile.a 2
C:\Documents and Settings\gzan\Desktop\Desktop Utils\backups\backup-20080614-122037-803.dll Infected: Trojan.Win32.Monder.gen 1
C:\
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP