05-17-2008, 10:52 PM   #5
cableguy
Registered User
 
Join Date: Apr 2008
Posts: 23
OS: xp sp2


Re: PC Critical condition. Couldn't open anti-v program. Couldn't install dss.exe

Finally. Thank you so much for responding.
I removed the hard disk and plugged it into another system.
The booting system has only a C drive. The E, F and G drives belong to the badly hit hard disk. I guess the booting system has now also somehow got infected.


;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-17 19:09:30
PROTECTIONS: 0
MALWARE: 77
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00018331 adware/gator Adware No 0 Yes No hkey_classes_root\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
00018331 adware/gator Adware No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C}
00029426 adware/sbsoft Adware No 0 Yes No c:\windows\rdt.ini
00029426 adware/sbsoft Adware No 0 Yes No hkey_local_machine\software\searchtoolbar
00034463 adware/wupd Adware No 0 Yes No c:\windows\system32\ide21201.vxd
00036016 adware/topmoxie Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\extensions\CmdMapping\{6685509E-B47B-4f47-8E16-9A5F3A62F683}
00047746 Adware/Lop Adware No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460776.exe
00047746 Adware/Lop Adware No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460777.exe
00047746 Adware/Lop Adware No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460775.exe
00098066 adware/secure32 Adware No 1 Yes No c:\windows\system32\oleext.dll
00120519 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460773.exe[EbatesMoeMoneyMaker1.exe]
00120519 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460774.exe[EbatesMoeMoneyMaker1.exe]
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\Administrator.PPC1\Desktop\SDFix.exe[SDFix\apps\Process.exe]
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Desktop\SDFix\SDFix\apps\Process.exe
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.tribalfusion.com/]
00145737 Cookie/TopRebates.com TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@www.toprebates[2].txt
00145745 Cookie/OfferOptimizer TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\penerangan@offeroptimizer[2].txt
00145745 Cookie/OfferOptimizer TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.MUHAMMADIYAH\Cookies\administrator@offeroptimizer[1].txt
00145745 Cookie/OfferOptimizer TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@offeroptimizer[2].txt
00145745 Cookie/OfferOptimizer TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@offeroptimizer[1].txt
00145745 Cookie/OfferOptimizer TrackingCookie No 0 Yes No C:\Documents and Settings\penerangan\Cookies\penerangan@offeroptimizer[3].txt
00145749 Cookie/Dashbar TrackingCookie No 0 Yes No C:\Documents and Settings\penerangan\Cookies\penerangan@results.dashbar[1].txt
00161843 Cookie/Transponder TrackingCookie No 0 Yes No C:\Documents and Settings\penerangan\Cookies\penerangan@pyn.pynix[2].txt
00161843 Cookie/Transponder TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@pyn.pynix[1].txt
00161887 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460774.exe[EbatesMoeMoneyMaker0.exe]
00161887 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460773.exe[EbatesMoeMoneyMaker0.exe]
00161888 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460773.exe[disp350.exe]
00161888 Adware/TopRebates Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460774.exe[disp350.exe]
00161898 Cookie/BetterInet TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@a[3].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.com.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\adib\Cookies\adib@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@com[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\adib\Cookies\adib@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@xiti[1].txt
00167724 Cookie/HotLog TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@hotlog[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@ad.yieldmanager[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@bs.serving-sys[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@888[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@adtech[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.adtech.de/]
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.bravenet.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Cookies\administrator@adultfriendfinder[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@adultfriendfinder[2].txt
00200862 Cookie/Btgrab TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@btg.btgrab[2].txt
00200862 Cookie/Btgrab TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\penerangan@btg.btgrab[1].txt
00200862 Cookie/Btgrab TrackingCookie No 0 Yes No C:\Documents and Settings\penerangan\Cookies\penerangan@btg.btgrab[2].txt
00200862 Cookie/Btgrab TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.MUHAMMADIYAH\Cookies\administrator@btg.btgrab[2].txt
00200862 Cookie/Btgrab TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator\Cookies\administrator@btg.btgrab[2].txt
00217990 Cookie/WinFixer TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\pendep0@winfixer[2].txt
00220166 trj/spamer.c Virus/Trojan No 0 Yes No c:\windows\system32\wwwloader.exe.bak
00247910 w32/locksky.au.worm Virus/Worm No 0 Yes No c:\windows\system32\hard.lck
00258441 Adware/TopRebates Adware No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP460\A0461888.exe
00258441 Adware/TopRebates Adware No 0 Yes No C:\QooBox\Quarantine\C\Program Files\EbatesMoeMoneyMaker4\EbatesMoeMoneyMaker.exe.vir
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Administrator.PPC1\Application Data\Mozilla\Firefox\Profiles\9cu4f5bs.default\cookies.txt[.atwola.com/]
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\Administrator.PPC1\Desktop\ComboFix.exe[327882R2FWJFW\NirCmdC.cfexe]
01176994 Bck/VB.XB Virus/Trojan No 0 No No E:\Documents and Settings\Adib\Desktop\ComboFix.exe[327882R2FWJFW\nircmd.cfexe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460715.EXE
02656918 Adware/VirusRanger Adware No 0 No No C:\QooBox\Quarantine\C\Documents and Settings\Administrator.PPC1\My Documents\vrg_setup.exe.vir[VirusRanger.exe]
02656918 Adware/VirusRanger Adware No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP441\A0457571.exe[VirusRanger.exe]
02839079 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460774.exe[popo350a_non.htm]
02839079 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460773.exe[popo350a_non.htm]
02870155 Application/VirusRanger HackTools No 0 No No C:\QooBox\Quarantine\C\Documents and Settings\Administrator.PPC1\My Documents\vrg_setup.exe.vir[asc4.dll]
02870155 Application/VirusRanger HackTools No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP441\A0457571.exe[asc4.dll]
02870162 Application/VirusRanger HackTools No 0 No No C:\QooBox\Quarantine\C\Documents and Settings\Administrator.PPC1\My Documents\vrg_setup.exe.vir[bpw.dll]
02870162 Application/VirusRanger HackTools No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP441\A0457571.exe[bpw.dll]
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460706.sys
02895340 Adware/PurityScan Adware No 0 Yes No E:\WINDOWS\system32\univrs32.dat
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0003.chk\A0009524.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\file0001.chk
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP8\A0005140.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0002.chk\A0005135.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009522.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0003.chk\A0009506.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0006083.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0003.chk\A0009486.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009504.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009484.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005133.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP12\A0009677.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005118.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0002.chk\A0005120.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005089.com
02896018 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005103.com
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005090.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005104.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005117.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP8\A0005139.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005102.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0006082.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005119.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005088.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009483.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009503.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005134.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0003.chk\A0009507.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009521.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP8\A0005141.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009523.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0003.chk\A0009487.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0002.chk\A0005092.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0006084.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0002.chk\A0005136.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009485.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005132.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No F:\found.001\dir0002.chk\A0005121.inf
02896019 W32/Lineage.HHE.worm Virus/Worm No 1 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009505.inf
02902637 Rootkit/Nurech.BC HackTools No 1 Yes No E:\WINDOWS\system32\dllcache\beep.sys
02902637 Rootkit/Nurech.BC HackTools No 1 Yes No E:\WINDOWS\system32\drivers\beep.sys
02902637 Rootkit/Nurech.BC HackTools No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP4\A0003982.sys
02906359 Adware/WinReanimator Adware No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460634.exe
02906359 Adware/WinReanimator Adware No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460633.exe
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009575.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011801.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009573.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011793.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011883.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011805.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011887.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011907.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011795.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011803.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011885.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011905.inf
02906930 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011903.inf
02906931 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\Documents and Settings\Administrator\Local Settings\Temp\bm.dll
02906931 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470251.dll
02906932 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009578.exe
02906932 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011908.exe
02906933 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\Documents and Settings\Administrator\Local Settings\Temp\jkero.dll
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\rtnlpipu.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011794.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011802.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011906.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011886.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011884.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011804.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No F:\rtnlpipu.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009572.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011792.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009574.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011882.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011904.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011902.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011790.exe
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP18\A0011800.com
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011909.exe
02906934 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\rtnlpipu.com
02906935 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011791.dll
02906935 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012014.dll
02906935 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011897.dll
02906935 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011910.dll
02906936 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\WINDOWS\system32\tavo1.dll
02906936 W32/Lineage.HUZ.worm Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009564.dll
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP12\A0009615.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP11\A0009601.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP5\A0005030.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\WINDOWS\system32\winivstr.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009562.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP12\A0009686.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP16\A0010712.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP4\A0004030.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470255.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009518.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP16\A0010723.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP19\A0011901.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP17\A0011748.exe
02907453 Application/WinReanimator Spyware No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP10\A0009586.exe
02908018 Cookie/WinReanimator TrackingCookie No 0 Yes No E:\Documents and Settings\Adib\Cookies\adib@winreanimator[1].txt
02910707 Spyware/Virtumonde Spyware No 1 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\jkhhf.dll.vir
02910707 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460697.dll
02913521 Adware/UltimateDefender Adware No 0 Yes No E:\sysivsl.exe
02917642 Generic Malware Virus/Trojan No 0 No No C:\QooBox\Quarantine\C\Documents and Settings\Administrator.PPC1\My Documents\vrg_setup.exe.vir[vrsvc.exe]
02917642 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP441\A0457571.exe[vrsvc.exe]
02918031 Spyware/Virtumonde Spyware No 1 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\byxxwxy.dll.vir
02918031 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460695.dll
02919874 Generic Malware Virus/Trojan No 0 No No C:\QooBox\Quarantine\C\Documents and Settings\Administrator.PPC1\My Documents\vrg_setup.exe.vir[vrext.dll]
02919874 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP441\A0457571.exe[vrext.dll]
02928117 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460629.dll
02929194 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460628.dll
02929573 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460630.dll
02936413 W32/Lineage.IGF Virus No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012021.exe
02936416 W32/Lineage.IGF Virus No 0 Yes No E:\Documents and Settings\Adib\Local Settings\Temp\tru1.tmp
02936418 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470250.dll
02936432 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012023.dll
02936435 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012022.dll
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460618.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012911.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012915.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460617.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP457\A0460619.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012913.bat
02936957 Trj/Lineage.IGU Virus/Trojan No 0 Yes No E:\WINDOWS\system32\kavo.exe
02937095 W32/Lineage.IGW Virus No 0 Yes No E:\WINDOWS\system32\tavo.exe
02937101 W32/Lineage.IGW.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470253.dll
02937104 W32/Lineage.IGW.worm Virus/Worm No 0 Yes No E:\WINDOWS\system32\tavo0.dll
02937104 W32/Lineage.IGW.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012910.dll
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No F:\gsxlexd.cmd
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012015.cmd
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No G:\gsxlexd.cmd
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012013.exe
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No F:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012019.cmd
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No G:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP20\A0012017.cmd
02937164 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470258.cmd
02937165 W32/Lineage.IGF.worm Virus/Worm No 0 Yes No E:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP534\A0470254.dll
02937205 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{DC04EF94-E5F5-4E95-9122-A36A9735AB63}\RP458\A0460694.dll
02937231 W32/Lineage.IGW.worm Virus/Worm No 0 Yes No E:\Documents and Settings\Adib\Local Settings\Temp\tru2.tmp
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005115.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009498.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009565.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009519.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005130.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP9\A0009476.dll
02941012 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\System Volume Information\_restore{B11E8933-832A-4A2A-A722-FD1342D848DD}\RP7\A0005100.dll
02942184 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\WINDOWS\system32\kavo0.dll
02942184 Trj/Lineage.BZE Virus/Trojan No 1 Yes No E:\WINDOWS\system32\kavo1.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location

;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description

;===================================================================================================================================================================================
108742 MEDIUM MS06-006

;===================================================================================================================================================================================
Attached Files
File Type: txt kaspersky anti-virus log.txt (353.4 KB, 2 views)