Tech Support Forum - View Single Post - js/psyme virus aftermath scan from activescan 2.0

kewlix · 09-23-2008, 01:58 AM

2007-04-26 04:30:16 29,184 C:\Qoobox\Quarantine\C\WINDOWS\system32\MSINET.oca.vir
2007-09-24 00:05:16 279,600 C:\Qoobox\Quarantine\C\WINDOWS\system32\pac.txt.vir
2008-07-05 22:56:54 49,375 C:\Qoobox\Quarantine\C\Temp\1cb\syscheck.log.vir
2008-09-06 15:20:00 162,849 C:\Qoobox\Quarantine\C\WINDOWS\system32\zir2\KPL21i24.exe.vir
2008-09-06 20:22:08 34,816 C:\Qoobox\Quarantine\C\WINDOWS\system32\tuvUNedD.dll.vir
2008-09-06 20:22:08 34,816 C:\Qoobox\Quarantine\C\WINDOWS\system32\xxywTKEU.dll.vir
2008-09-06 20:22:19 1,858 C:\Qoobox\Quarantine\C\Temp\dax41\A3G.log.vir
2008-09-06 20:22:19 71,711 C:\Qoobox\Quarantine\C\WINDOWS\system32\fjuffubkbhhkp.exe.vir
2008-09-06 20:22:21 153,444 C:\Qoobox\Quarantine\C\WINDOWS\system32\g49.exe.vir
2008-09-06 20:22:23 64,859 C:\Qoobox\Quarantine\C\WINDOWS\system32\tockorppzaevwusj.exe.vir
2008-09-06 20:22:29 861 C:\Qoobox\Quarantine\C\WINDOWS\system32\winpfz33.sys.vir
2008-09-06 20:30:04 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\cquypr.dll.vir
2008-09-06 20:30:04 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\iaqfobdt.dll.vir
2008-09-06 20:53:25 85,008 C:\Qoobox\Quarantine\C\WINDOWS\system32\uesiuqcr.exe.vir
2008-09-06 20:53:48 50 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Application Data\Microsoft\dtsc\s.vir
2008-09-06 20:55:28 10,240 C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\xpreload.ocx.vir
2008-09-06 21:56:22 648 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Start Menu\Programs\Startup\DW_Start.lnk.vir
2008-09-06 21:57:13 684 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Start Menu\Programs\Startup\Deewoo.lnk.vir
2008-09-06 22:26:58 192,582 C:\Qoobox\Quarantine\C\WINDOWS\system32\ncntttdm.exe.vir
2008-09-06 22:52:16 1,298,874 C:\Qoobox\Quarantine\C\WINDOWS\system32\yayofpnf.ini.vir
2008-09-07 10:04:59 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\qrgkoeuw.dll.vir
2008-09-07 10:14:43 7,723 C:\Qoobox\Quarantine\C\WINDOWS\BM23233a67.txt.vir
2008-09-07 10:46:58 111,637 C:\Qoobox\Quarantine\C\WINDOWS\BM23233a67.xml.vir
2008-09-07 22:57:03 876,412 C:\Qoobox\Quarantine\C\WINDOWS\system32\bbbdgMoq.ini2.vir
2008-09-07 22:57:13 876,412 C:\Qoobox\Quarantine\C\WINDOWS\system32\bbbdgMoq.ini.vir
2008-09-19 21:19:44 15,360 C:\Qoobox\Quarantine\C\WINDOWS\system32\getsn32.dll.vir
2008-09-19 21:19:45 8,704 C:\Qoobox\Quarantine\C\WINDOWS\system32\smwin32.dll.vir
2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat
2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat
2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat
2008-09-19 21:35:36 378 C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}.reg.dat
2008-09-19 21:35:36 378 C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{0A94B116-4504-4e26-AB05-E61E474AA38B}.reg.dat
2008-09-19 21:35:37 1,006 C:\Qoobox\Quarantine\Registry_backups\BHO-{2D9F1530-0B38-4DCB-A90A-CECD559F3514}.reg.dat
2008-09-19 21:35:37 157 C:\Qoobox\Quarantine\Registry_backups\BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}.reg.dat
2008-09-19 21:35:37 374 C:\Qoobox\Quarantine\Registry_backups\BHO-{AE55C7EC-82F8-46CB-8DC2-57BF42F025FF}.reg.dat
2008-09-19 21:35:37 374 C:\Qoobox\Quarantine\Registry_backups\BHO-{F145B6CD-5D7C-4FE5-9AD9-C85D8F05DDCD}.reg.dat
2008-09-19 21:35:37 436 C:\Qoobox\Quarantine\Registry_backups\BHO-{65a4805e-60ef-7a07-28c7-3d4261929f71}.reg.dat
2008-09-19 21:35:38 121 C:\Qoobox\Quarantine\Registry_backups\Toolbar-SITEguard.reg.dat
2008-09-19 21:35:38 175 C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-updateMgr.reg.dat
2008-09-19 21:35:39 149 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-201009fb.reg.dat
2008-09-19 21:35:39 214 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-{6665cd51-4a02-f719-a93b-6689e1cce919}.reg.dat
2008-09-19 21:35:42 363 C:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{AE55C7EC-82F8-46CB-8DC2-57BF42F025FF}.reg.dat
2008-09-19 21:35:43 590 C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-WinampAgent.reg.dat
2008-09-22 21:48:34 334,334 C:\Qoobox\Quarantine\[4]-Submit_2008-09-22@14.48.zip
2008-09-22 21:50:15 6,751 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2008-09-22 21:50:26 108 C:\Qoobox\Quarantine\catchme.log

09-23-2008, 01:58 AM	#17 (permalink)
kewlix Registered User Join Date: Sep 2008 Posts: 27 OS: windows sp1	Re: js/psyme virus aftermath scan from activescan 2.0 2007-04-26 04:30:16 29,184 C:\Qoobox\Quarantine\C\WINDOWS\system32\MSINET.oca.vir 2007-09-24 00:05:16 279,600 C:\Qoobox\Quarantine\C\WINDOWS\system32\pac.txt.vir 2008-07-05 22:56:54 49,375 C:\Qoobox\Quarantine\C\Temp\1cb\syscheck.log.vir 2008-09-06 15:20:00 162,849 C:\Qoobox\Quarantine\C\WINDOWS\system32\zir2\KPL21i24.exe.vir 2008-09-06 20:22:08 34,816 C:\Qoobox\Quarantine\C\WINDOWS\system32\tuvUNedD.dll.vir 2008-09-06 20:22:08 34,816 C:\Qoobox\Quarantine\C\WINDOWS\system32\xxywTKEU.dll.vir 2008-09-06 20:22:19 1,858 C:\Qoobox\Quarantine\C\Temp\dax41\A3G.log.vir 2008-09-06 20:22:19 71,711 C:\Qoobox\Quarantine\C\WINDOWS\system32\fjuffubkbhhkp.exe.vir 2008-09-06 20:22:21 153,444 C:\Qoobox\Quarantine\C\WINDOWS\system32\g49.exe.vir 2008-09-06 20:22:23 64,859 C:\Qoobox\Quarantine\C\WINDOWS\system32\tockorppzaevwusj.exe.vir 2008-09-06 20:22:29 861 C:\Qoobox\Quarantine\C\WINDOWS\system32\winpfz33.sys.vir 2008-09-06 20:30:04 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\cquypr.dll.vir 2008-09-06 20:30:04 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\iaqfobdt.dll.vir 2008-09-06 20:53:25 85,008 C:\Qoobox\Quarantine\C\WINDOWS\system32\uesiuqcr.exe.vir 2008-09-06 20:53:48 50 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Application Data\Microsoft\dtsc\s.vir 2008-09-06 20:55:28 10,240 C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\xpreload.ocx.vir 2008-09-06 21:56:22 648 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Start Menu\Programs\Startup\DW_Start.lnk.vir 2008-09-06 21:57:13 684 C:\Qoobox\Quarantine\C\Documents and Settings\RivaL\Start Menu\Programs\Startup\Deewoo.lnk.vir 2008-09-06 22:26:58 192,582 C:\Qoobox\Quarantine\C\WINDOWS\system32\ncntttdm.exe.vir 2008-09-06 22:52:16 1,298,874 C:\Qoobox\Quarantine\C\WINDOWS\system32\yayofpnf.ini.vir 2008-09-07 10:04:59 115,200 C:\Qoobox\Quarantine\C\WINDOWS\system32\qrgkoeuw.dll.vir 2008-09-07 10:14:43 7,723 C:\Qoobox\Quarantine\C\WINDOWS\BM23233a67.txt.vir 2008-09-07 10:46:58 111,637 C:\Qoobox\Quarantine\C\WINDOWS\BM23233a67.xml.vir 2008-09-07 22:57:03 876,412 C:\Qoobox\Quarantine\C\WINDOWS\system32\bbbdgMoq.ini2.vir 2008-09-07 22:57:13 876,412 C:\Qoobox\Quarantine\C\WINDOWS\system32\bbbdgMoq.ini.vir 2008-09-19 21:19:44 15,360 C:\Qoobox\Quarantine\C\WINDOWS\system32\getsn32.dll.vir 2008-09-19 21:19:45 8,704 C:\Qoobox\Quarantine\C\WINDOWS\system32\smwin32.dll.vir 2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat 2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat 2008-09-19 21:35:35 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat 2008-09-19 21:35:36 378 C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}.reg.dat 2008-09-19 21:35:36 378 C:\Qoobox\Quarantine\Registry_backups\URLSearchHooks-{0A94B116-4504-4e26-AB05-E61E474AA38B}.reg.dat 2008-09-19 21:35:37 1,006 C:\Qoobox\Quarantine\Registry_backups\BHO-{2D9F1530-0B38-4DCB-A90A-CECD559F3514}.reg.dat 2008-09-19 21:35:37 157 C:\Qoobox\Quarantine\Registry_backups\BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}.reg.dat 2008-09-19 21:35:37 374 C:\Qoobox\Quarantine\Registry_backups\BHO-{AE55C7EC-82F8-46CB-8DC2-57BF42F025FF}.reg.dat 2008-09-19 21:35:37 374 C:\Qoobox\Quarantine\Registry_backups\BHO-{F145B6CD-5D7C-4FE5-9AD9-C85D8F05DDCD}.reg.dat 2008-09-19 21:35:37 436 C:\Qoobox\Quarantine\Registry_backups\BHO-{65a4805e-60ef-7a07-28c7-3d4261929f71}.reg.dat 2008-09-19 21:35:38 121 C:\Qoobox\Quarantine\Registry_backups\Toolbar-SITEguard.reg.dat 2008-09-19 21:35:38 175 C:\Qoobox\Quarantine\Registry_backups\HKCU-Run-updateMgr.reg.dat 2008-09-19 21:35:39 149 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-201009fb.reg.dat 2008-09-19 21:35:39 214 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-{6665cd51-4a02-f719-a93b-6689e1cce919}.reg.dat 2008-09-19 21:35:42 363 C:\Qoobox\Quarantine\Registry_backups\ShellExecuteHooks-{AE55C7EC-82F8-46CB-8DC2-57BF42F025FF}.reg.dat 2008-09-19 21:35:43 590 C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-WinampAgent.reg.dat 2008-09-22 21:48:34 334,334 C:\Qoobox\Quarantine\[4]-Submit_2008-09-22@14.48.zip 2008-09-22 21:50:15 6,751 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg 2008-09-22 21:50:26 108 C:\Qoobox\Quarantine\catchme.log