yes i am aware of the socks port and remote admin. those are fine.
ComboFix 09-11-08.03 - Owner 11/09/2009 18:28.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.248 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\AFF132.tmp
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\recycler\S-1-5-21-1177238915-1450960922-682003330-1003
c:\recycler\S-1-5-21-1969440884-1445876313-1372676710-1003
c:\windows\system32\batimalu.dll
c:\windows\system32\bulusire.dll
c:\windows\system32\duletifa.dll
c:\windows\system32\fajekego.dll
c:\windows\system32\feyiweku.dll.tmp
c:\windows\system32\fimahafu.dll
c:\windows\system32\finetesu.dll
c:\windows\system32\fokaveyi.dll
c:\windows\system32\fubabebu.dll
c:\windows\system32\gegagoji.dll.tmp
c:\windows\system32\gejitutu.dll
c:\windows\system32\gemuwufi.dll
c:\windows\system32\ginuwike.dll
c:\windows\system32\gopigede.dll
c:\windows\system32\gunojuli.dll
c:\windows\system32\hasolawo.dll
c:\windows\system32\hivupena.dll
c:\windows\system32\huninulo.dll
c:\windows\system32\jenupiso.dll
c:\windows\system32\jizularo.dll
c:\windows\system32\joroyazu.dll
c:\windows\system32\junetiga.dll
c:\windows\system32\jusajase.dll
c:\windows\system32\kibugora.dll
c:\windows\system32\kiwejogo.dll
c:\windows\system32\livugafo.dll
c:\windows\system32\mulamogi.dll
c:\windows\system32\nekagiwa.dll.tmp
c:\windows\system32\pojiredi.dll
c:\windows\system32\poyutole.dll
c:\windows\system32\puwomofu.dll
c:\windows\system32\revakubu.dll
c:\windows\system32\rewovime.dll
c:\windows\system32\rimolodo.dll
c:\windows\system32\robejozo.dll
c:\windows\system32\safiduro.dll
c:\windows\system32\suliweya.dll
c:\windows\system32\taramawa.dll
c:\windows\system32\tijayoni.dll
c:\windows\system32\tuzatazo.dll
c:\windows\system32\vekukedu.dll
c:\windows\system32\wadaveka.dll
c:\windows\system32\wisizoho.dll
c:\windows\system32\yajineri.dll
c:\windows\system32\yirejame.dll
c:\windows\system32\zanaruma.dll
c:\windows\system32\zehakebo.dll
c:\windows\system32\zoyoyuju.dll
c:\windows\Tasks\dowjvzrz.job
D:\Autorun.inf
----- BITS: Possible infected sites -----
hxxp://82.98.231.98.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_R_SERVER
-------\Service_r_server
((((((((((((((((((((((((( Files Created from 2009-10-10 to 2009-11-10 )))))))))))))))))))))))))))))))
.
2009-11-09 19:54 . 2009-11-09 19:54 -------- d-----w- c:\program files\TextPad 5
2009-11-05 17:52 . 2009-07-28 22:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-05 17:52 . 2009-03-30 16:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-11-05 17:52 . 2009-02-13 18:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-11-05 17:52 . 2009-02-13 18:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-11-05 17:52 . 2009-11-05 17:52 -------- d-----w- c:\program files\Avira
2009-11-05 17:52 . 2009-11-05 17:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-11-03 19:24 . 2009-11-09 16:41 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-30 16:39 . 2009-10-30 16:39 -------- d-----w- c:\documents and settings\Owner\Application Data\AVG8
2009-10-29 15:52 . 2009-10-29 17:53 -------- dc----w- c:\windows\system32\DRVSTORE
2009-10-29 15:52 . 2009-10-29 15:52 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-10-29 15:48 . 2009-10-29 17:53 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0
2009-10-29 15:48 . 2009-10-03 08:15 2924848 -c----w- c:\documents and settings\All Users\Application Data\~0\Ad-AwareInstallation.exe
2009-10-29 15:47 . 2009-10-29 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-10-22 22:08 . 2009-10-22 22:08 34 ----a-w- c:\windows\system32\BD2040.DAT
2009-10-22 22:06 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-22 22:06 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-13 23:51 . 2006-10-12 16:29 83504 ----a-w- c:\documents and settings\All Users\Application Data\AOL\UserProfiles\All Users\SUDS\TEMP\ProgUpd.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-10 00:15 . 2005-11-11 23:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Skype
2009-11-09 22:03 . 2009-09-29 16:02 -------- d-----w- c:\documents and settings\Owner\Application Data\skypePM
2009-11-04 00:02 . 2008-03-16 19:27 -------- d-----w- c:\program files\OBC MP
2009-11-03 02:45 . 2009-10-07 20:00 -------- d-----w- c:\program files\Yahoo Mail Reader
2009-10-30 16:51 . 2005-09-21 23:59 -------- d-----w- c:\program files\Symantec
2009-10-30 07:14 . 2005-09-22 00:13 -------- d-----w- c:\program files\Common Files\Real
2009-10-30 07:11 . 2005-11-15 22:58 -------- d-----w- c:\program files\AFF Mail Reader OCR
2009-10-28 15:59 . 2003-02-21 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-28 15:59 . 2003-03-18 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-08 17:35 . 2009-10-08 17:35 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-10-07 17:41 . 2005-09-22 00:12 -------- d-----w- c:\program files\America Online 9.0
2009-10-07 16:58 . 2005-09-22 00:12 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-10-07 16:32 . 2009-10-07 16:32 -------- d-----w- c:\documents and settings\Owner\Application Data\Helios
2009-10-01 16:28 . 2009-10-01 16:28 -------- d-----w- c:\program files\QuickTime
2009-10-01 16:28 . 2009-10-01 16:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-01 16:27 . 2009-10-01 16:27 -------- d-----w- c:\program files\Common Files\Apple
2009-10-01 16:26 . 2009-10-01 16:26 -------- d-----w- c:\program files\Apple Software Update
2009-10-01 16:26 . 2009-10-01 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-29 16:02 . 2009-09-29 16:02 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-29 16:02 . 2009-09-29 16:02 -------- d-----w- c:\program files\Common Files\Skype
2009-09-29 16:02 . 2005-11-11 23:36 -------- d-----r- c:\program files\Skype
2009-09-29 16:02 . 2005-11-11 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-09-11 14:18 . 2004-08-26 16:12 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-26 16:12 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2004-08-26 16:12 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2004-08-26 16:12 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-08 14:41 . 2009-08-08 14:41 89600 --sha-w- c:\windows\system32\bewufubo.dll
2009-08-05 02:39 . 2009-08-05 02:39 89600 --sha-w- c:\windows\system32\dulujohi.dll
2009-08-07 14:40 . 2009-08-07 14:40 89088 --sha-w- c:\windows\system32\gademoma.dll
2009-08-06 14:40 . 2009-08-06 14:40 89088 --sha-w- c:\windows\system32\hopakowu.dll
2009-08-09 02:41 . 2009-08-09 02:41 89088 --sha-w- c:\windows\system32\jepafovi.dll
2009-08-06 02:39 . 2009-08-06 02:39 89600 --sha-w- c:\windows\system32\kuwiguza.dll
2009-08-08 02:40 . 2009-08-08 02:40 89600 --sha-w- c:\windows\system32\nudegeno.dll
2009-08-05 14:39 . 2009-08-05 14:39 90112 --sha-w- c:\windows\system32\rohopera.dll
2009-08-07 02:40 . 2009-08-07 02:40 89600 --sha-w- c:\windows\system32\toloyozu.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-09-02 25623336]
"Window Washer"="c:\program files\Webroot\Washer\wwDisp.exe" [2007-11-26 1206600]
"AOL Fast Start"="c:\program files\America Online 9.0\AOL.EXE" [2005-07-26 50776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunKistEM"="c:\program files\Digital Media Reader\shwiconem.exe" [2004-11-15 135168]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-03-15 966656]
"HostManager"="c:\program files\Common Files\AOL\1127347943\ee\AOLSoftware.exe" [2006-09-26 50736]
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-19 79448]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"Quick Macros"="c:\program files\Quick Macros 2\qm.exe" [2006-06-15 1282048]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]
"Pure Networks Port Magic"="c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2003-12-09 67584]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Install Pending Files.LNK - c:\program files\SIFXINST\SIFXINST.EXE [2005-9-21 729088]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1127347943\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1127347943\\EE\\aolsoftware.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"c:\\WINDOWS\\system32\\r_server.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/5/2009 11:52 AM 108289]
R2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [12/1/2007 3:52 PM 598856]
S3 qmphook;QM process triggers;c:\program files\Quick Macros 2\qmphook.sys [10/19/2005 12:11 PM 4096]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder
2009-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2005-11-11 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-26 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/uInternet Settings,ProxyServer = socks=64.247.44.54:9420
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
LSP: connwsp.dll
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\xalx5uu8.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.com/FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -
BHO-{cf9fffdb-3802-41b4-81f4-ee25924c6af7} - gemuwufi.dll
HKLM-Run-pelududaw - c:\windows\system32\junetiga.dll
HKLM-Run-kotefugeju - wadaveka.dll
SharedTaskScheduler-{87aeb2b1-0424-458a-86f6-ce5a6444821d} - c:\windows\system32\junetiga.dll
SSODL-lewizuted-{87aeb2b1-0424-458a-86f6-ce5a6444821d} - c:\windows\system32\junetiga.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-11-09 18:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(580)
c:\windows\system32\connwsp.dll
- - - - - - - > 'explorer.exe'(3740)
c:\windows\system32\WININET.dll
c:\program files\Common Files\AOL\ACS\WLHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\windows\system32\wdfmgr.exe
c:\program files\America Online 9.0\waol.exe
c:\program files\America Online 9.0\shellmon.exe
.
**************************************************************************
.
Completion time: 2009-11-10 18:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-10 00:45
Pre-Run: 64,084,799,488 bytes free
Post-Run: 64,112,488,448 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 803A9273D293BB99BE6A74632F2DF813
Malwarebytes' Anti-Malware 1.41
Database version: 3137
Windows 5.1.2600 Service Pack 3
11/9/2009 8:17:07 PM
mbam-log-2009-11-09 (20-17-07).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 193149
Time elapsed: 43 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 81
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\Radmin\AdmDll.dll (PUP.RemoteAdmin) -> Quarantined and deleted successfully.
C:\Program Files\Radmin\raddrv.dll (PUP.RemoteAdmin) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\batimalu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\bulusire.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\duletifa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\fajekego.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\feyiweku.dll.tmp.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\finetesu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\fokaveyi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\fubabebu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\gegagoji.dll.tmp.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\gejitutu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\gopigede.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\hasolawo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\hivupena.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\jenupiso.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\jusajase.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\kibugora.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\kiwejogo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\livugafo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\mulamogi.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\nekagiwa.dll.tmp.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\puwomofu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\revakubu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\rewovime.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\rimolodo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\safiduro.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\suliweya.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\tuzatazo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\vekukedu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\yajineri.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\yirejame.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\zanaruma.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\zehakebo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\zoyoyuju.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054239.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054240.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054241.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054459.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1054\A0054475.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1058\A0056266.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1067\A0057359.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1067\A0057360.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1067\A0057361.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057490.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057491.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057492.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057493.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057495.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057496.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057497.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057498.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057501.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057503.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057504.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057510.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057511.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057512.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057513.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057514.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057517.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057518.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057519.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057520.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057522.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057523.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057506.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057526.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057527.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057530.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057531.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057532.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057533.dll (Trojan.Vundo) -> Not selected for removal.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057534.dll (Trojan.Vundo) -> Not selected for removal.
C:\WINDOWS\system32\admdll.dll (PUP.RemoteAdmin) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dulujohi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hopakowu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kuwiguza.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\raddrv.dll (PUP.RemoteAdmin) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rohopera.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nudegeno.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
-------------------------------------------------------
Avira AntiVir Personal
Report file date: Monday, November 09, 2009 20:23
Scanning for 1878353 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : EMACHINE
Version information:
BUILD.DAT : 9.0.0.410 18074 Bytes 9/25/2009 11:56:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 20:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 17:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 18:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 17:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 19:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 16:21:42
ANTIVIR2.VDF : 7.1.6.160 5413376 Bytes 10/28/2009 18:34:33
ANTIVIR3.VDF : 7.1.6.210 427520 Bytes 11/9/2009 18:35:03
Engineversion : 8.2.1.61
AEVDF.DLL : 8.1.1.2 106867 Bytes 11/9/2009 18:37:29
AESCRIPT.DLL : 8.1.2.44 586107 Bytes 11/9/2009 18:37:28
AESCN.DLL : 8.1.2.5 127346 Bytes 11/9/2009 18:37:13
AERDL.DLL : 8.1.3.2 479604 Bytes 11/9/2009 18:37:10
AEPACK.DLL : 8.2.0.3 422261 Bytes 11/9/2009 18:36:55
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 16:59:39
AEHEUR.DLL : 8.1.0.180 2093432 Bytes 11/9/2009 18:36:39
AEHELP.DLL : 8.1.7.0 237940 Bytes 11/9/2009 18:35:39
AEGEN.DLL : 8.1.1.71 364916 Bytes 11/9/2009 18:35:35
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/9/2009 18:35:19
AECORE.DLL : 8.1.8.2 184694 Bytes 11/9/2009 18:35:11
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 21:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 15:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 11/9/2009 18:37:33
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 21:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 17:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 22:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 17:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 22:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 15:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 17:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 22:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 17:19:48
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Start of the scan: Monday, November 09, 2009 20:23
Starting search for hidden objects.
'85348' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'shellmon.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'WasherSvc.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'aoltpspd.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PRISMXL.SYS' - '1' Module(s) have been scanned
Scan process 'aoltsmon.exe' - '1' Module(s) have been scanned
Scan process 'AOLacsd.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'waol.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'PortAOL.exe' - '1' Module(s) have been scanned
Scan process 'wwDisp.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'AOLDial.exe' - '1' Module(s) have been scanned
Scan process 'qm.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'AOLSP Scheduler.exe' - '1' Module(s) have been scanned
Scan process 'aolsoftware.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'shwiconEM.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
44 processes with 44 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!
Master boot sector HD5
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '63' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.71.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.72.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.73.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.74.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\AOLAccounts-1.0.0.3.zip
[0] Archive type: ZIP
--> AOLAccounts-1.0.0.3.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator.zip
[0] Archive type: ZIP
--> HotMail Accounts Creator/HAccounts-1.0.0.71.exe
[DETECTION] Is the TR/Spy.Gen Trojan
--> HotMail Accounts Creator/HAccounts-1.0.0.72.exe
[DETECTION] Is the TR/Spy.Gen Trojan
--> HotMail Accounts Creator/HAccounts-1.0.0.73.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\AOL Creator\AOLAccounts-1.0.0.3.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.71.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.72.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.73.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.74.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.33.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.50.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.55.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\Hotmail Responding\HotmailGuardian-1[1].0.0.7.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.33.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.50.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.55.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\YAHOO creator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Documents and Settings\Owner\Desktop\oldddd KEENO\brett\yahoocreator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\Program Files\Common Files\AOL\Backup\ACS\Current\Suite\comps\acsrollb.exe
[0] Archive type: NSIS
--> [PluginsDir]/utility.dll
[DETECTION] Is the TR/StartPage.HMI Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\huninulo.dll.vir
[DETECTION] Is the TR/Migotrup.B Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\poyutole.dll.vir
[DETECTION] Is the TR/PCK.Katusha.G.102 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1036\A0052474.exe
[DETECTION] Is the TR/Spy.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054239.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054240.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054241.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054459.dll
[DETECTION] Is the TR/Vundo.MD.6 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1054\A0054475.dll
[DETECTION] Is the TR/PCK.Katusha.G.113 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057490.dll
[DETECTION] Is the TR/Vundo.90112G.87 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057491.dll
[DETECTION] Is the TR/Vundo.89088G.49 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057492.dll
[DETECTION] Is the TR/Monder.cuum Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057493.dll
[DETECTION] Is the TR/Monder.curj Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057495.dll
[DETECTION] Is the TR/PCK.Katusha.G.97 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057497.dll
[DETECTION] Is the TR/Vundo.FA.364 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057498.dll
[DETECTION] Is the TR/Vundo.90112G.88 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057501.dll
[DETECTION] Is the TR/Vundo.FA.355 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057503.dll
[DETECTION] Is the TR/Vundo.FA.367 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057504.dll
[DETECTION] Is the TR/Vundo.FA.380 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057505.dll
[DETECTION] Is the TR/Migotrup.B Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057511.dll
[DETECTION] Is the TR/Vundo.89088G.62 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057512.dll
[DETECTION] Is the TR/Spy.90112.226 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057513.dll
[DETECTION] Is the TR/Vundo.90112G.49 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057514.dll
[DETECTION] Is the TR/Monder.cusu Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057516.dll
[DETECTION] Is the TR/PCK.Katusha.G.102 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057517.dll
[DETECTION] Is the TR/Vundo.FA.390 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057518.dll
[DETECTION] Is the TR/Vundo.90112G.69 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057519.dll
[DETECTION] Is the TR/Vundo.89600G.89 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057520.dll
[DETECTION] Is the TR/Monder.cuqy Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057523.dll
[DETECTION] Is the TR/Spy.89600.57 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057527.dll
[DETECTION] Is the TR/Monder.cuqh Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057530.dll
[DETECTION] Is the TR/Monder.cutc Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057531.dll
[DETECTION] Is the TR/Vundo.89600G.48 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057532.dll
[DETECTION] Is the TR/Spy.38912.84 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057533.dll
[DETECTION] Is the TR/Vundo.MD.13 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057534.dll
[DETECTION] Is the TR/Vundo.89600G.93 Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057620.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057621.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057622.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057623.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057624.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057625.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057626.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057627.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057628.dll
[DETECTION] Is the TR/Trash.Gen Trojan
Begin scan in 'D:\'
Beginning disinfection:
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.71.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be949.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.72.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4a31d01a.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.73.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4f03bc8a.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\HotMail Accounts Creator\HAccounts-1.0.0.74.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4f02b4c2.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\AOLAccounts-1.0.0.3.zip
[NOTE] The file was moved to '4b44e958.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator.zip
[NOTE] The file was moved to '4b6ce978.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\AOL Creator\AOLAccounts-1.0.0.3.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4f1995f1.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.71.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be94a.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.72.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4f1e6abb.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.73.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '48211a7b.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\programs\HotMail Accounts Creator\HAccounts-1.0.0.74.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '482013b3.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\BRETT BRETT BRETT\Work\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4826eb8b.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.33.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be94b.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '48dac8ac.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.50.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '48d9c0e4.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts-1.0.0.55.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '48d8d83c.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\WORK\YAccounts\YAccounts.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '48dfd074.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\OLDER STUFF 070909\WORK START\keeno\YAHOO creator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be94c.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\Hotmail Responding\HotmailGuardian-1[1].0.0.7.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b6ce97b.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.33.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be94e.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4dd2d977.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.50.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4dd1d14f.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts-1.0.0.55.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4dd0d687.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\WORK\YAccounts\YAccounts.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4dd7aedf.qua'!
C:\Documents and Settings\Owner\Desktop\ALL WORK STUFF\WORK\keeno\YAHOO creator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4dd5be6f.qua'!
C:\Documents and Settings\Owner\Desktop\oldddd KEENO\brett\yahoocreator\yahoocreator\Ycreator\YAccounts-1.0.0.47.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b5be94f.qua'!
C:\Program Files\Common Files\AOL\Backup\ACS\Current\Suite\comps\acsrollb.exe
[NOTE] The file was moved to '4b6be971.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\huninulo.dll.vir
[DETECTION] Is the TR/Migotrup.B Trojan
[NOTE] The file was moved to '4b66e983.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\poyutole.dll.vir
[DETECTION] Is the TR/PCK.Katusha.G.102 Trojan
[NOTE] The file was moved to '4b71e97d.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1036\A0052474.exe
[DETECTION] Is the TR/Spy.Gen Trojan
[NOTE] The file was moved to '4b28e93e.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054239.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
[NOTE] The file was moved to '4f4f10e7.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054240.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
[NOTE] The file was moved to '4b28e93f.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054241.dll
[DETECTION] Is the TR/PCK.Katusha.G.95 Trojan
[NOTE] The file was moved to '4c488d58.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1053\A0054459.dll
[DETECTION] Is the TR/Vundo.MD.6 Trojan
[NOTE] The file was moved to '4dba9f00.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1054\A0054475.dll
[DETECTION] Is the TR/PCK.Katusha.G.113 Trojan
[NOTE] The file was moved to '4f43f870.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057490.dll
[DETECTION] Is the TR/Vundo.90112G.87 Trojan
[NOTE] The file was moved to '4dbe7c20.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057491.dll
[DETECTION] Is the TR/Vundo.89088G.49 Trojan
[NOTE] The file was moved to '4db88ff0.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057492.dll
[DETECTION] Is the TR/Monder.cuum Trojan
[NOTE] The file was moved to '4dbb9748.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057493.dll
[DETECTION] Is the TR/Monder.curj Trojan
[NOTE] The file was moved to '4dbd64d8.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057495.dll
[DETECTION] Is the TR/PCK.Katusha.G.97 Trojan
[NOTE] The file was moved to '4db04db0.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057497.dll
[DETECTION] Is the TR/Vundo.FA.364 Trojan
[NOTE] The file was moved to '4dbf7468.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057498.dll
[DETECTION] Is the TR/Vundo.90112G.88 Trojan
[NOTE] The file was moved to '4c6e4100.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057501.dll
[DETECTION] Is the TR/Vundo.FA.355 Trojan
[NOTE] The file was moved to '4c532a38.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057503.dll
[DETECTION] Is the TR/Vundo.FA.367 Trojan
[NOTE] The file was moved to '4b28e940.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057504.dll
[DETECTION] Is the TR/Vundo.FA.380 Trojan
[NOTE] The file was moved to '4db15a69.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057505.dll
[DETECTION] Is the TR/Migotrup.B Trojan
[NOTE] The file was moved to '4db253b1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057511.dll
[DETECTION] Is the TR/Vundo.89088G.62 Trojan
[NOTE] The file was moved to '4db32bf9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057512.dll
[DETECTION] Is the TR/Spy.90112.226 Trojan
[NOTE] The file was moved to '4db423c1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057513.dll
[DETECTION] Is the TR/Vundo.90112G.49 Trojan
[NOTE] The file was moved to '4db53b09.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057514.dll
[DETECTION] Is the TR/Monder.cusu Trojan
[NOTE] The file was moved to '4db63351.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057516.dll
[DETECTION] Is the TR/PCK.Katusha.G.102 Trojan
[NOTE] The file was moved to '4db70899.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057517.dll
[DETECTION] Is the TR/Vundo.FA.390 Trojan
[NOTE] The file was moved to '4d8800e1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057518.dll
[DETECTION] Is the TR/Vundo.90112G.69 Trojan
[NOTE] The file was moved to '4d891829.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057519.dll
[DETECTION] Is the TR/Vundo.89600G.89 Trojan
[NOTE] The file was moved to '4d8a1071.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057520.dll
[DETECTION] Is the TR/Monder.cuqy Trojan
[NOTE] The file was moved to '4d8ce9b9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057523.dll
[DETECTION] Is the TR/Spy.89600.57 Trojan
[NOTE] The file was moved to '4d8de181.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057527.dll
[DETECTION] Is the TR/Monder.cuqh Trojan
[NOTE] The file was moved to '4d8ef9c9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057530.dll
[DETECTION] Is the TR/Monder.cutc Trojan
[NOTE] The file was moved to '4d8ff111.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057531.dll
[DETECTION] Is the TR/Vundo.89600G.48 Trojan
[NOTE] The file was moved to '4d80c959.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057532.dll
[DETECTION] Is the TR/Spy.38912.84 Trojan
[NOTE] The file was moved to '4d81cea1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057533.dll
[DETECTION] Is the TR/Vundo.MD.13 Trojan
[NOTE] The file was moved to '4d82c6e9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057534.dll
[DETECTION] Is the TR/Vundo.89600G.93 Trojan
[NOTE] The file was moved to '4d83de31.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057620.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d84d679.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057621.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4da7b7a9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057622.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d86a789.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057623.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d87bfd1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057624.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d98b719.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057625.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d998f61.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057626.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d9a84a9.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057627.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d9b9cf1.qua'!
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1068\A0057628.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4d9c9439.qua'!
End of the scan: Monday, November 09, 2009 22:16
Used time: 52:49 Minute(s)
The scan has been done completely.
6492 Scanned directories
509294 Files were scanned
73 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
71 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
509220 Files not concerned
8270 Archives were scanned
1 Warnings
72 Notes
85348 Objects were scanned with rootkit scan
0 Hidden objects were found