pop ups, search bar (mirar) broadband very slow



#16
el__Burro

Good News..
I managed to get EWIDO started..
cleaned lots of stuff..
here is the report

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 00:03:37, 19/03/2006
+ Report-Checksum: 93BF351D

C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0063873.dll -> Adware.E2Give : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0063877.exe -> Backdoor.Rbot.asp : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0063880.dll -> Adware.Mirar : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0063883.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066911.dll -> Adware.Mirar : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066912.exe -> Logger.VB.eh : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066913.exe -> Downloader.PurityScan.br : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066914.exe -> Dropper.Agent.ye : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066915.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066916.dll -> Adware.Softomate : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP250\A0066917.exe -> Dropper.Agent.ye : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0069918.exe -> Dropper.Paradrop.a : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0070899.EXE -> Dropper.Agent.ye : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0079011.exe -> Adware.Virtumonde : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0079070.exe -> Trojan.Scapur.k : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0079097.exe -> Dropper.Agent.aac : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0079099.exe -> Adware.Maxifiles : Cleaned with backup
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP251\A0079101.exe -> Dropper.Agent.aac : Cleaned with backup
C:\a.bat -> Trojan.Zapchast : Cleaned with backup


::Report End


and the HJT

Logfile of HijackThis v1.99.1
Scan saved at 00:13:26, on 19/03/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\BENQMA~1\QtEiBenQ.EXE
C:\Program Files\O2Micro\SuperDJ\o2mdj.exe
C:\Program Files\BenQ\QMusic\QMAgent.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.repubblica.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.benq.com/
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QtEiBenQ] C:\PROGRA~1\BENQMA~1\QtEiBenQ.EXE
O4 - HKLM\..\Run: [o2cd] C:\Program Files\O2Micro\SuperDJ\o2mdj.exe
O4 - HKLM\..\Run: [QMusic] "C:\Program Files\BenQ\QMusic\QMAgent.exe"
O4 - HKLM\..\Run: [Ulead Memory Card Detector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Monitor.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://WWW.BenQ.COM/
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.c..._1/yregucfg.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-sec...m/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52994B03-1651-4E02-921A-36DB03AB21F8}: NameServer = 83.146.21.5 212.158.248.6
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: wins(WINS) (wins) - Unknown owner - C:\WINDOWS\system32\winscntrl.exe (file missing)

THANKS

#17
don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Much better,

Go to Start > Run and type "Services.msc" (without quotes) then hit Ok
Scroll down and find the below services:

wins(WINS) (wins)

When you find it, double-click on it. In the next window that opens, under the General tab click the Stop button, then click the drop-down box to change the Startup Type to Disabled. Now hit Apply and then Ok.

Open HiJackThis, click on "None of the above, just start the program". Now, click on the "Config" button (bottom right), then click on "Misc Tools", then click on "Delete an NT Service". A window will pop up. Enter the below item into that field (make sure there are NO spaces before or after the name):

wins

Click OK.

It should pull up information about the service, then ask if you want to reboot. Click YES.

After the computer restarts, rescan with ActiveScan. Post back the log from it when done, and a fresh HJT log, please.


One thing I need for you to do is to create a new restore point

see this link http://www.microsoft...ps/kimsey1.mspx

#18
el__Burro

    Member

  • Topic Starter
  • 40 posts
ActiveScan Report

Incident Status Location

Virus:W32/Parite.B Not disinfected Operating system
Adware:adware/popuper Not disinfected C:\WINDOWS\SYSTEM32\hhk.dll
Adware:adware/virmaid Not disinfected C:\WINDOWS\SYSTEM32\perfcii.ini
Adware:adware program Not disinfected C:\WINDOWS\SYSTEM32\data.~
Adware:adware/dollarrevenue Not disinfected C:\drsmartload1.exe
Spyware:spyware/media-motor Not disinfected C:\WINDOWS\ubber60.ini
Adware:adware/dyfuca Not disinfected C:\WINDOWS\optimize.exe
Adware:adware/savenow Not disinfected C:\PROGRAM FILES\VVSN
Adware:adware/whenusearch Not disinfected C:\PROGRAM FILES\COMMON FILES\WhenU
Adware:adware/maxifiles Not disinfected C:\PROGRAM FILES\COMMON FILES\InetGet
Adware:adware/e2give Not disinfected Windows Registry
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Mario&Josette\Cookies\mario&josette@tradedoubler[1].txt
Virus:W32/Parite.B Not disinfected C:\I386\EXPAND.EXE
Virus:W32/Parite.B Not disinfected C:\I386\NETSETUP.EXE
Virus:W32/Parite.B Not disinfected C:\I386\NTSD.EXE
Virus:W32/Parite.B Not disinfected C:\I386\REGEDIT.EXE
Virus:W32/Parite.B Not disinfected C:\I386\SYSPARSE.EXE
Virus:W32/Parite.B Not disinfected C:\I386\TELNET.EXE
Virus:W32/Parite.B Not disinfected C:\I386\WINNT32.EXE
Virus:W32/Parite.B Not disinfected C:\I386\DRW\DWWIN.EXE
Virus:W32/Parite.B Not disinfected C:\unzipped\asteroids_win\Neave Asteroids.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\pacman_win\Neave Pac-Man.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\invaders_win\Neave Space Invaders.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\tetris_win\Neave Tetris.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\sc\ScreenCatch.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\renne1\Elch.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\hoster\Hoster\Hoster.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\divx_3.11alpha\DivX_311alpha\Register_DivX.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\divx_3.11alpha\DivX_311alpha\SetStereo.exe
Virus:W32/Parite.B Not disinfected C:\unzipped\bfu\BFU.exe
Virus:W32/Parite.B Not disinfected C:\Kaspersky\Getvlist.exe
Virus:W32/Parite.B Not disinfected C:\Kaspersky\kavss.exe
Virus:W32/Parite.B Not disinfected C:\Kaspersky\kavupd.exe
Virus:W32/Parite.B Not disinfected C:\BFU\BFU.exe
Virus:W32/Parite.B Not disinfected C:\Scaricamenti\RealPlayer10-5GOLD_it.exe
Virus:W32/Parite.B Not disinfected C:\Scaricamenti\ihp_Kitchen.exe
Virus:W32/Parite.B Not disinfected C:\Scaricamenti\LimeWireWin.exe
Virus:W32/Parite.B Not disinfected C:\smart.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\drivers\Install.EXE
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\wbem\wmiapsrv.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\oobe\oobebaln.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\usmt\migload.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\usmt\migwiz.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\spoolsv.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\notepad.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\cidaemon.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\cisvc.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\cliconfg.exe
Virus:Trj/Agent.BMS Not disinfected C:\WINDOWS\system32\ljjgh.dll
Virus:Trj/Agent.BMS Not disinfected C:\WINDOWS\system32\vtusq.dll
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\expand.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\ntsd.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\pathping.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\migpwd.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\asuninst.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\uwdf.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\clspack.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\netsetup.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\jdbgmgr.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\jview.exe
Virus:Trj/Agent.BMS Not disinfected C:\WINDOWS\system32\awtss.dll.vir
Virus:W32/Sdbot.FPO.worm Not disinfected C:\WINDOWS\system32\eraseme_27475.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\telnet.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\wjview.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\ptuninst.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\nvsvc32.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\dmcpl.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\nwiz.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Com\comrepl.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\unam4ie.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\scplayer.exe
Adware:Adware/Puper Not disinfected C:\WINDOWS\system32\hhk.dll
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\ActiveScan\pavdr.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Utility\UnLAN.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Utility\detectID.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Utility\INSTALL.EXE
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Utility\remove.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Utility\CheckDev.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\UnLAN.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\remove.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\wuauclt1.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\addfilter.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\dxdllreg.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\Ulead Photo Explorer.scr
Virus:Trj/Agent.BMS Not disinfected C:\WINDOWS\system32\khffe.dll
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\java.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\javaw.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\javaws.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\nenzj.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\spooIsv.exe
Virus:W32/Sdbot.ftp Not disinfected C:\WINDOWS\system32\i
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\voea.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\system32\iexplore.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\vta1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\pua2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\xva3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\ujaB.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\jja1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\ska2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\cka3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\zja97.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\wka1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\qla2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\wla3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\qla1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\mla2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\ima3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\fla20D.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\lya1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\kaa2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\nba3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\kea4.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\hma8.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\bla1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\cla2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\ala3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\soa4.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\nkaD.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\xna1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\joa2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\qoa3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\oqa5.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\lqa6.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\lna1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\rtaA.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\szaB.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\ina2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\rna3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\doa4.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\sjaE.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\doa1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\soa2.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\wpa3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\kpa4.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\wja8.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\yoa1.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\joa3.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\doa5.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\xoa6.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Temp\zma8.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\regedit.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\OLD28.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\OLD2B.tmp
Virus:W32/Parite.B Not disinfected C:\WINDOWS\UNINST32.EXE
Virus:W32/Parite.B Not disinfected C:\WINDOWS\tok\zan.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RUNONCEW.EXE
Virus:W32/Parite.B Not disinfected C:\WINDOWS\Joybook.scr
Virus:W32/Parite.B Not disinfected C:\WINDOWS\OLD2E.tmp
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\s?stem32\rundll32.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\LastGood\regedit.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\LastGood\system32\expand.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\spool\is940.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\spool\mc-110-12-0000141.exe
Virus:Trj/Multidropper.BFL Not disinfected C:\WINDOWS\spool\run.bat
Virus:W32/Parite.B Not disinfected C:\WINDOWS\spool\YazzleBundle-1125.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\eeedo.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\optimize.exe
Spyware:Spyware/Media-motor Not disinfected C:\WINDOWS\unstall.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\cm\mc-110-12-0000141.exe
Virus:Trj/Multidropper.BFL Not disinfected C:\WINDOWS\cm\run.bat
Virus:W32/Parite.B Not disinfected C:\WINDOWS\cm\YazzleBundle-1125.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\PCHealth\HelpCtr\Binaries\HscUpd.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\moviemk.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe
Virus:W32/Parite.B Not disinfected C:\WINDOWS\RegisteredPackages

#19
don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Would you do me a favor, please?
Could you send me a copy of the following file, please?
Make sure you can view all Hidden Files/Folders.
C:\drsmartload1.exe

please send it to
iamdon77"at"yahoo.com (replace the "at" with @)

After you're done with that, could you run BFU again, please? The tool was updated yesterday.

see this topic http://www.geekstogo...showtopic=98929

Then run ATF again; make sure everything is checked on the main screen.

Let's try a Trend Micro scan.

TrendMicro's HouseCall: have it clean all it finds, and it will give you the option to save the log. Post back what it finds when done, please.
Post back a fresh HJT log as well, please.

#20
el__Burro

    Member

  • Topic Starter
  • 40 posts
Hi,
I am not sure that I used BFU properly.. I did as asked in the FORUM..

I've also done a TRENDMicro scan, it gives me the report but when I CLEAN the page disappears.. I tried twice...

Thanks

#21
don77

    Malware Expert

  • Retired Staff
  • 18,526 posts
Did Trend find anything?

Let's try a different one.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under "Select a target to scan", select My Computer.
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


#22
el__Burro

    Member

  • Topic Starter
  • 40 posts
As requested.


-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, March 20, 2006 1:03:51 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 20/03/2006
Kaspersky Anti-Virus database records: 183107
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 56186
Number of viruses found: 22
Number of infected objects: 1749
Number of suspicious objects: 0
Duration of the scan process: 00:45:21

Infected Object Name / Virus Name / Last Action
C:\I386\EXPAND.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\NETSETUP.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\NTSD.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\REGEDIT.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\SYSPARSE.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\TELNET.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\WINNT32.EXE Infected: Virus.Win32.Parite.b skipped
C:\I386\DRW\DWWIN.EXE Infected: Virus.Win32.Parite.b skipped
C:\unzipped\asteroids_win\Neave Asteroids.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\pacman_win\Neave Pac-Man.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\invaders_win\Neave Space Invaders.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\tetris_win\Neave Tetris.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\sc\ScreenCatch.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\renne1\Elch.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\hoster\Hoster\Hoster.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\divx_3.11alpha\DivX_311alpha\Register_DivX.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\divx_3.11alpha\DivX_311alpha\SetStereo.exe Infected: Virus.Win32.Parite.b skipped
C:\unzipped\bfu\BFU.exe Infected: Virus.Win32.Parite.b skipped
C:\Kaspersky\Getvlist.exe Infected: Virus.Win32.Parite.b skipped
C:\Kaspersky\kavss.exe Infected: Virus.Win32.Parite.b skipped
C:\Kaspersky\kavupd.exe Infected: Virus.Win32.Parite.b skipped
C:\BFU\BFU.exe Infected: Virus.Win32.Parite.b skipped
C:\Scaricamenti\RealPlayer10-5GOLD_it.exe Infected: Virus.Win32.Parite.b skipped
C:\Scaricamenti\ihp_Kitchen.exe Infected: Virus.Win32.Parite.b skipped
C:\Scaricamenti\LimeWireWin.exe Infected: Virus.Win32.Parite.b skipped
C:\smart.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IZ43YZ83\drsmartload141a[1].exe Infected: Trojan-Downloader.Win32.Adload.ab skipped
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G9Q301UR\drsmartload[1].exe Infected: Trojan-Downloader.Win32.VB.yu skipped
C:\WINDOWS\system32\drivers\Install.EXE Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\wbem\wmiapsrv.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\oobe\oobebaln.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\usmt\migload.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\usmt\migwiz.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\notepad.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\cliconfg.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\ljjgh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\vtusq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\expand.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\ntsd.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\pathping.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\java.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\javaw.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\migpwd.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\asuninst.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\uwdf.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\clspack.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\netsetup.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\jdbgmgr.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\jview.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\awtss.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\javaws.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\telnet.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\wjview.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\ptuninst.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\nvsvc32.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\dmcpl.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\nwiz.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Com\comrepl.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\unam4ie.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\scplayer.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\hhk.dll Infected: Trojan.Win32.Puper.g skipped
C:\WINDOWS\system32\ActiveScan\pavdr.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Utility\UnLAN.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Utility\detectID.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Utility\INSTALL.EXE Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Utility\remove.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Utility\CheckDev.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\UnLAN.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\remove.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\wuauclt1.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\addfilter.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\dxdllreg.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\Ulead Photo Explorer.scr Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\khffe.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\system32\nenzj.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\spooIsv.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\system32\i Infected: Trojan-Downloader.BAT.Ftp.ab skipped
C:\WINDOWS\system32\iexplore.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\vdv30C.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\bua1.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\zwa2.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\wza3.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\yja1.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\hka2.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Temp\una3.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\regedit.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\OLD28.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\OLD2B.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\UNINST32.EXE Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\tok\zan.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RUNONCEW.EXE Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\Joybook.scr Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\OLD2E.tmp Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\sdk.exe Infected: Trojan-Downloader.Win32.Adload.ab skipped
C:\WINDOWS\LastGood\regedit.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\LastGood\system32\expand.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\LastGood\system32\ntsd.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\spool\is940.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\spool\mc-110-12-0000141.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\spool\YazzleBundle-1125.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\eeedo.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\optimize.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\cm\mc-110-12-0000141.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\cm\YazzleBundle-1125.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HscUpd.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\moviemk.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\alcrmv.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\alcupd.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\uninst.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\IsUninst.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\SOUNDMAN.EXE Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\iun6002.exe Infected: Virus.Win32.Parite.b skipped
C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe Infected: Virus.Win32.Parite.b skipped
C:\DRV\ALIAGP19.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\VGA\DMCPL.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\VGA\NVSVC32.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\VGA\NWIZ.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\MOD\PTUNINST.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\LAN\LAN130_S.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\ALCCHKID.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\ALCRMV.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\ALCRMV9X.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\ALCUPD.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\SETCDFMT.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AUD\WDM\SOUNDMAN.EXE Infected: Virus.Win32.Parite.b skipped
C:\DRV\AGP\ALIINST.EXE Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\sysdat[15].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[1].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[2].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[3].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[4].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[5].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[6].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[7].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[8].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[9].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[10].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[11].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[12].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[13].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[14].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[15].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[16].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[17].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[18].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[19].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[20].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[21].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[22].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[23].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GDAJS12B\win32[24].exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Temp\gtb2k1033.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Temp\Patch_MSN_Messenger.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Application Data\Identities\{B4457E6B-C5C1-4F40-AA42-42C45DDCF504}\Microsoft\Outlook Express\El Burro - Sent Items (1).dbx/[From "El Burro" <[email protected]>][Date Sun, 19 Mar 2006 13:34:47 -0000]/drsmartload1.exe Infected: Trojan-Downloader.Win32.VB.yu skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Application Data\Identities\{B4457E6B-C5C1-4F40-AA42-42C45DDCF504}\Microsoft\Outlook Express\El Burro - Sent Items (1).dbx/[From "El Burro" <[email protected]>][Date Sun, 19 Mar 2006 13:34:47 -0000]/UNNAMED/drsmartload1.exe Infected: Trojan-Downloader.Win32.VB.yu skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Application Data\Identities\{B4457E6B-C5C1-4F40-AA42-42C45DDCF504}\Microsoft\Outlook Express\El Burro - Sent Items (1).dbx/[From "El Burro" <[email protected]>][Date Sun, 19 Mar 2006 13:34:47 -0000]/UNNAMED Infected: Trojan-Downloader.Win32.VB.yu skipped
C:\Documents and Settings\Mario&Josette\Local Settings\Application Data\Identities\{B4457E6B-C5C1-4F40-AA42-42C45DDCF504}\Microsoft\Outlook Express\El Burro - Sent Items (1).dbx Mail MS Outlook 5: infected - 3 skipped
C:\Documents and Settings\Mario&Josette\Templates\AlcorDemo\smartap.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\My eBooks\pbscan1200.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\sav32sfx.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\MS_LITE.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\sdtrial.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\MicrosoftAntiSpywareInstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\HijackThis.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\ewido-setup.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\ONSPEED_bt.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Josette\Anti-virus programs\ATF-Cleaner.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\maya\mwav.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\Mario\SkypeSetup.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\Pictures\My Received Files\EPSON Driver.EXE Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\GAMEs\Neave Asteroids.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\GAMEs\Neave Space Invaders.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\GAMEs\Setup5cl.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\My Documents\New Folder\CleanUp40.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\Desktop\BFU.exe Infected: Virus.Win32.Parite.b skipped
C:\Documents and Settings\Mario&Josette\Desktop\Pac-Man.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\MSInfo\OFFPRV10.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\CFGWIZ.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\TCPTEST.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\OWSADM.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\bin\OWSRMADM.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\web server extensions\50\isapi\FPCOUNT.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\Office10\DW.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin\SrchAdmStp.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\System\Mapi\1033\CNFNOT32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\System\Mapi\1033\SCANOST.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Adobe\Workflow\AdobeWorkgroupHelper.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_03.b07\patchjre.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_03.b07\zipper.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_03.b07\launcher.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\patchjre.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\zipper.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05\launcher.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InetGet\mc-110-12-0000141.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\InetGet\freeprodtb.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Yazzle1125OinAdmin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Yazzle1125OinUninstaller.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Windows\AutoIt3.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Windows\mc-110-12-0000141.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Real\Update_OB\rnxproc.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Common Files\Real\GToolbar\GDSSetup.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows NT\hypertrm.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows NT\dialer.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN\MSNCoreFiles\update.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN\MSNCoreFiles\copymar.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN\MSNCoreFiles\dw.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN\MSNCoreFiles\msn6.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Gaming Zone\Windows\zClientm.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Messenger\msmsgsin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Messenger\msnaddin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Messenger\msmsgs.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\wmplayer.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\wmlaunch.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\migrate.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\wmpenc.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\setup_wm.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\wmsetsdk.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\WM9Codecs.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\GDiVXZen1.2.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Windows Media Player\dlimport.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Outlook Express\setup50.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Outlook Express\msimn.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Movie Maker\moviemk.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\INSTNT.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\SYNMOOD.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\SYNTPENH.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\SYNTPLPR.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\SYNZMETR.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Media\TUTORIAL.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\SynZMetr.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\SynMood.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\Tutorial.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Synaptics\SynTP\InstNT.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\BenQ Manager\RMDEVICE.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Required\Droplet Template.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\ImageReady.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Constrain 350, Make JPG 30.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Constrain to 200x200 pixels.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Constrain to 64X64 pixels.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make Button.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make GIF (128 colors).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make GIF (32, no dither).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make GIF (64 colors).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 10).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 30).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Make JPEG (quality 60).exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Multi-Size Save.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets\Unsharp Mask.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Aged Photo.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Conditional Mode Change.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Constrain to 300 pixels.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Constrain to 64 pixels.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Drop Shadow Frame.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Make Button.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Make Sepia Tone.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Save As JPEG Medium.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\Photoshop Droplets\Save As Photoshop PDF.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\NewTech Infosystems\NTI CD-Maker 2000 Plus\Cdmkr32.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\NewTech Infosystems\NTI CD-Maker 2000 Plus\JCMkr32.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\NewTech Infosystems\NTI CD-Maker 2000 Plus\NMPLAY32.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDirector\PowerDirector.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDirector\CLDMA.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDirector\DiscWizard.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDirector\DVDPlayer\Pdvd_rt\PowerDVD.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDVD\dvdrgn.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDVD\CLDMA.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDVD\ddtester.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\PowerDVD\cltest.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CyberLink\Common\UpdateIPR.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\BenQ\QMusic\UninstallQMusic.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\BenQ\QMusic\QMusic.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Joybook\Uninstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\eViewer.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\olreg.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Pex1.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\AutoLoad.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Drop.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Ulead Systems\Ulead Photo Explorer 7.0\Pex.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CleanUp!\Cleanup.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CleanUp!\uninstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\WinZip\WZQKPICK.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\WinZip\WZSEPE32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\WinZip\WINZIP32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Messenger\dw.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\mtbs.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Toolbar\01.01.1601.0\msgr.en-us.en-gb\mtbs.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.en-us.en-gb\mtbs.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\PCL-W310\Ap.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\PCL-W310\Admin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\PCL-W310\Uninstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Skype\Phone\unins000.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Skype\Phone\ImportContacts\msn-import.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Skype\Phone\ImportContacts\opera-import.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Skype\Phone\ImportContacts\outlook-import.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Skype\Phone\ImportContacts\wab-import.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\Sims.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\UserData\Web Templates\Localization_Templates\Tokin.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\EReg\The Sims Deluxe Edition_Code.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\EReg\The Sims Deluxe Edition_EZ.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\EReg\The Sims Deluxe Edition_eReg.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\EReg\The Sims Deluxe Edition_uninst.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims\EReg\go_ez.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Maxis\The Sims Creator\TheSimsCreator.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CoolstreamingIT\CoolstreamingIT0.3.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\CoolstreamingIT\unins000.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Real\RealPlayer\realplay.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Real\RealPlayer\realjbox.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Real\RealPlayer\rphelperapp.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Real\RealPlayer\fixrjb.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\IKEA Home Planner Kitchen\UNWISE.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\IKEA Home Planner Kitchen\IKEA Kitchen Planner.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Flash.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Release\FlashPla.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Release\flash32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Release\InstallAXFlash.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Flash32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\FlashPla.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\InstallAXFlash.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Debug\flash32.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Debug\FlashPla.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Macromedia\Flash 5\Lettori\Debug\InstallAXFlash.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\1033\MSOHELP.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\1033\UNPACK.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSACCESS.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\FRONTPG.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSIMPORT.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\VTIDB.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\VTIDISC.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\VTIFORM.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\VTIPRES.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\GRAPH.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MCDLC.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSTORDB.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSTORE.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSOHTMED.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\OSA.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\FINDER.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\POWERPNT.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\WAVTOASF.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\PROFLWIZ.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Microsoft Office\Office10\MSPUB.EXE Infected: Virus.Win32.Parite.b skipped
C:\Program Files\LimeWire\LimeWire.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\LimeWire\uninstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\java.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\javacpl.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\javaw.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\javaws.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\keytool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\kinit.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\klist.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\ktab.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\orbd.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\pack200.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\policytool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\rmid.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\rmiregistry.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\servertool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_03\bin\tnameserv.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\java.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\javacpl.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\javaw.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\javaws.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\keytool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\kinit.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\klist.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\ktab.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\orbd.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\pack200.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\policytool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\rmid.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\rmiregistry.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\servertool.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Java\jre1.5.0_06\bin\tnameserv.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Thomson\SpeedTouch USB\stdialup.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Thomson\SpeedTouch USB\tools\dm.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Thomson\SpeedTouch USB\tools\scan.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Thomson\SpeedTouch USB\tools\regutil.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\SpeedTouch\Dr SpeedTouch\php.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\InetGet2\direct.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\Spyware Doctor\swdoctor.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\ewido\security suite\Uninstall.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\ewido\security suite\ewidoguard.exe Infected: Virus.Win32.Parite.b skipped
C:\Program Files\ewido\security suite\SecuritySuite.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082286.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082289.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082290.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082291.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082292.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082293.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082294.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082295.EXE Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082296.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082297.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082298.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082299.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082300.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082301.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082302.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082303.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082304.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082305.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082306.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082307.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082312.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082313.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082314.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082315.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082316.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082317.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082318.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082319.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082320.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082321.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082322.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082323.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082324.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082325.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082326.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082327.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082328.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082329.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082330.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082331.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082332.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082333.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082334.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082335.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082336.EXE Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082337.EXE Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082338.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082339.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082340.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082341.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082342.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082343.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082344.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082345.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082346.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082347.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082348.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082349.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082350.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082351.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082352.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082353.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082354.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082355.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082356.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082357.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082358.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082359.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082361.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082362.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082363.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082364.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082365.exe Infected: Virus.Win32.Parite.b skipped
C:\System Volume Information\_restore{451C02A7-B37D-481A-95AA-19FAF2A06CCC}\RP252\A0082366.EXE Infected:

#23
don77


    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi again
I see we need to hook you up with an Anti Virus program
Go here and download the BitDefender evaluation version
http://www.bitdefend...u_id=1&v_id=137

After you have finished scanning and having it fix what it finds,
Rescan with Kaspersky and post back what it finds

#24
el__Burro


    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Here I attach the findings after running Kaspersky

Attached Files



#25
don77


    Malware Expert

  • Retired Staff
  • 18,526 posts
This is one nasty worm
Did you download and install the Anti Virus program, and run a full scan with it?