Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help Moved to AII


  • Please log in to reply
1 reply to this topic

#1 Sykokiller

Sykokiller

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:09 AM

Posted 28 February 2009 - 08:43 PM

Are any of these files malware, trojans, etc.?

srry but for sum reason I can't upload cause when I click on Browse... nothing happens so i will just copy paste.
This is what i got with Avira antivirus personal.


Avira AntiVir Personal
Report file date: Saturday, February 28, 2009 17:47

Scanning for 1038808 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ESCAFLOWNE-T3UB

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 11/18/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 11/18/2008 15:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 5/26/2008 14:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 6/12/2008 19:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 5/26/2008 14:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 18:30:36
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 11/9/2008 23:57:13
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 11/16/2008 23:16:47
ANTIVIR3.VDF : 7.1.0.97 45056 Bytes 11/17/2008 23:38:59
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 10/14/2008 17:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 11/11/2008 21:00:07
AESCN.DLL : 8.1.1.5 123251 Bytes 11/7/2008 22:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 20:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 16:41:39
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 11/7/2008 22:06:41
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 11/7/2008 22:06:41
AEHELP.DLL : 8.1.1.3 119157 Bytes 11/7/2008 22:06:41
AEGEN.DLL : 8.1.1.0 319859 Bytes 11/7/2008 22:06:41
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/14/2008 17:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 11/7/2008 22:06:41
AEBB.DLL : 8.1.0.3 53618 Bytes 10/14/2008 17:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 7/9/2008 15:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 5/16/2008 16:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 7/31/2008 19:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 5/9/2008 18:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2/12/2008 15:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 6/12/2008 19:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 1/23/2008 00:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 6/12/2008 19:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 1/25/2008 19:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 6/12/2008 20:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 6/27/2008 20:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\archivos de programa\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Saturday, February 28, 2009 17:47

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'RegistryBooster.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
20 processes with 20 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
C:\WINDOWS\Browser.EXE
[DETECTION] Contains recognition pattern of the WORM/Malagent worm
[WARNING] The file was ignored!
C:\WINDOWS\Browser.EXE
[DETECTION] Contains recognition pattern of the WORM/Malagent worm
[WARNING] The file was ignored!

The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\martha vidal\Escritorio\IWONSetup2.3.50.26.ZLfox000.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> mwsSetup.CommonCodebase.exe
[DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
[NOTE] The file was moved to '49f8d47b.qua'!
C:\Documents and Settings\personal_2\Configuración local\Archivos temporales de Internet\Content.IE5\LWKTH73O\kb713501[1]
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\personal_2\Configuración local\Archivos temporales de Internet\Content.IE5\Q351LFVL\install_sbd_es[1].exe
[DETECTION] Is the TR/Dldr.Age.1131784 Trojan
[NOTE] The file was moved to '4a1cd6c9.qua'!
C:\Documents and Settings\personal_2\Configuración local\Archivos temporales de Internet\Content.IE5\V1JC92CI\kb516107[1]
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49ded7a5.qua'!
C:\Documents and Settings\personal_2\Configuración local\Archivos temporales de Internet\Content.IE5\V1JC92CI\kb767887[1]
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '49e0d7a9.qua'!
C:\Documents and Settings\personal_2\Configuración local\Archivos temporales de Internet\Content.IE5\V8O5G29G\install_sbd_es[1].exe
[DETECTION] Is the TR/Dldr.Age.1131784 Trojan
[NOTE] The file was moved to '4a1cd7f0.qua'!
C:\Documents and Settings\personal_2\Configuración local\Temp\rchelftx.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was deleted!
C:\Documents and Settings\personal_2\Configuración local\Temp\syggejqq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10d916.qua'!
C:\Documents and Settings\personal_2\Configuración local\Temp\uaaibqac.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ad902.qua'!
C:\RECYCLER\S-1-5-21-448539723-436374069-854245398-1010\Dc1.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> mwsSetup.CommonCodebase.exe
[DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
[NOTE] The file was moved to '49dadbad.qua'!
C:\System Volume Information\_restore{A96248EE-2535-4FD4-9C52-661736C94445}\RP74\A0035447.dll
[DETECTION] Is the TR/Crypt.XDR.Gen Trojan
[NOTE] The file was moved to '49d9dd6c.qua'!
C:\System Volume Information\_restore{A96248EE-2535-4FD4-9C52-661736C94445}\RP74\A0035654.dll
[DETECTION] Is the TR/Crypt.XDR.Gen Trojan
[NOTE] The file was moved to '49d9dd95.qua'!
C:\System Volume Information\_restore{A96248EE-2535-4FD4-9C52-661736C94445}\RP78\A0037013.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> mwsSetup.CommonCodebase.exe
[DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
[NOTE] The file was moved to '49d9de46.qua'!
C:\System Volume Information\_restore{A96248EE-2535-4FD4-9C52-661736C94445}\RP78\A0037015.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> mwsSetup.CommonCodebase.exe
[DETECTION] Contains recognition pattern of the DR/MyWebSearch.AU dropper
[NOTE] The file was moved to '49d9de5f.qua'!
C:\WINDOWS\browser.exe
[DETECTION] Contains recognition pattern of the WORM/Malagent worm
[NOTE] The file was moved to '4a18deb4.qua'!
C:\WINDOWS\system32\aaeumoai.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee062.qua'!
C:\WINDOWS\system32\aeowawkq.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a18e068.qua'!
C:\WINDOWS\system32\afvawxgp.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1fe06a.qua'!
C:\WINDOWS\system32\ahlhkmaf.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a15e06c.qua'!
C:\WINDOWS\system32\ajkywhgb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e06f.qua'!
C:\WINDOWS\system32\akwodkhw.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a20e070.qua'!
C:\WINDOWS\system32\akxpsunv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e071.qua'!
C:\WINDOWS\system32\amipblrp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e073.qua'!
C:\WINDOWS\system32\arihbipq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e07a.qua'!
C:\WINDOWS\system32\arjhluiy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e07a.qua'!
C:\WINDOWS\system32\asqgrjiq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae07c.qua'!
C:\WINDOWS\system32\auhrne.dll
[DETECTION] Is the TR/Undef.R Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was moved to '4a11e083.qua'!
C:\WINDOWS\system32\avovxdro.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e089.qua'!
C:\WINDOWS\system32\axkykkvh.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e08c.qua'!
C:\WINDOWS\system32\bbqdsbmi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae077.qua'!
C:\WINDOWS\system32\bepxiphi.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a19e07b.qua'!
C:\WINDOWS\system32\bhcdcwcp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce07e.qua'!
C:\WINDOWS\system32\blocfdqm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e084.qua'!
C:\WINDOWS\system32\bmnnumtq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e086.qua'!
C:\WINDOWS\system32\boleiuxj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e089.qua'!
C:\WINDOWS\system32\bptaicfc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de08b.qua'!
C:\WINDOWS\system32\bqfyfeyt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe08d.qua'!
C:\WINDOWS\system32\bwiovoiy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e097.qua'!
C:\WINDOWS\system32\bwrwnpam.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1be098.qua'!
C:\WINDOWS\system32\cacwiwtv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce082.qua'!
C:\WINDOWS\system32\cbhvyrul.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e085.qua'!
C:\WINDOWS\system32\cbxvw.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was moved to '4868903e.qua'!
C:\WINDOWS\system32\cgvmnclk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe08f.qua'!
C:\WINDOWS\system32\ckifbvap.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e094.qua'!
C:\WINDOWS\system32\cphtqoqy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e09e.qua'!
C:\WINDOWS\system32\cutwtmrs.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1de0a6.qua'!
C:\WINDOWS\system32\cuvweroi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe0a6.qua'!
C:\WINDOWS\system32\cvlcfefq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e0a8.qua'!
C:\WINDOWS\system32\cvyceuoq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a22e0a8.qua'!
C:\WINDOWS\system32\cxskoebu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce0ab.qua'!
C:\WINDOWS\system32\depscnle.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e09c.qua'!
C:\WINDOWS\system32\dhcqfeme.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a0ce0a1.qua'!
C:\WINDOWS\system32\djbugxry.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0be0a5.qua'!
C:\WINDOWS\system32\dpinswuu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e0ad.qua'!
C:\WINDOWS\system32\dqncbivq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e0b0.qua'!
C:\WINDOWS\system32\dvtcdpwk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de0b9.qua'!
C:\WINDOWS\system32\dxkhwlfe.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e0c0.qua'!
C:\WINDOWS\system32\edlbvehw.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e0af.qua'!
C:\WINDOWS\system32\eeroujnc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be0b1.qua'!
C:\WINDOWS\system32\emseqoud.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce0bb.qua'!
C:\WINDOWS\system32\eociqpqa.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce0be.qua'!
C:\WINDOWS\system32\epxijhkl.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e0bf.qua'!
C:\WINDOWS\system32\ergyjycp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10e0c2.qua'!
C:\WINDOWS\system32\esgyvimi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10e0c5.qua'!
C:\WINDOWS\system32\estqfmvh.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de0c7.qua'!
C:\WINDOWS\system32\eyqcwkus.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae0d0.qua'!
C:\WINDOWS\system32\feywdpfq.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a22e0be.qua'!
C:\WINDOWS\system32\fhmfgjeu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a16e0c2.qua'!
C:\WINDOWS\system32\fkrqcpyu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be0c6.qua'!
C:\WINDOWS\system32\fkwdwguk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK lib.
[NOTE] The file was moved to '4a20e0c8.qua'!
C:\WINDOWS\system32\flcnshrh.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a0ce0ca.qua'!
C:\WINDOWS\system32\fovmanbf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe0d1.qua'!
C:\WINDOWS\system32\fqvemrhd.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1fe0d4.qua'!
C:\WINDOWS\system32\frsafbfk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce0d6.qua'!
C:\WINDOWS\system32\fuvsimuf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe0db.qua'!
C:\WINDOWS\system32\fxkgrktg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e0de.qua'!
C:\WINDOWS\system32\fxnumrwf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e0df.qua'!
C:\WINDOWS\system32\gdcmtijp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce0cc.qua'!
C:\WINDOWS\system32\ghpauygk.dll
[DETECTION] Is the TR/Monder.103488 Trojan
[NOTE] The file was moved to '4a19e0d3.qua'!
C:\WINDOWS\system32\ghvkyfhe.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a1fe0d3.qua'!
C:\WINDOWS\system32\gijfmwan.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e0d6.qua'!
C:\WINDOWS\system32\glkyrdjf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e0da.qua'!
C:\WINDOWS\system32\gmvcfuxk.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1fe0dc.qua'!
C:\WINDOWS\system32\gptgdyey.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a1de0e1.qua'!
C:\WINDOWS\system32\grngyokg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e0e4.qua'!
C:\WINDOWS\system32\grxabubq.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a21e0e5.qua'!
C:\WINDOWS\system32\gxsuoqgf.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a1ce0ec.qua'!
C:\WINDOWS\system32\haoappny.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e0d7.qua'!
C:\WINDOWS\system32\haqnfwto.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae0d8.qua'!
C:\WINDOWS\system32\hbawmhaa.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ae0da.qua'!
C:\WINDOWS\system32\hcrrfrye.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be0dc.qua'!
C:\WINDOWS\system32\hdrlyewx.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be0de.qua'!
C:\WINDOWS\system32\heultnuy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee0e1.qua'!
C:\WINDOWS\system32\hhvctlln.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe0e6.qua'!
C:\WINDOWS\system32\hkfgdbee.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe0ea.qua'!
C:\WINDOWS\system32\hqpatwlm.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a19e0f5.qua'!
C:\WINDOWS\system32\hsriiicq.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a1be0f8.qua'!
C:\WINDOWS\system32\hursollg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be0fb.qua'!
C:\WINDOWS\system32\ibycmhcr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a22e0ed.qua'!
C:\WINDOWS\system32\icebslxg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee0ef.qua'!
C:\WINDOWS\system32\iktbfbfm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de0fa.qua'!
C:\WINDOWS\system32\irygxrga.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a22e10a.qua'!
C:\WINDOWS\system32\itvqfsvf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe10d.qua'!
C:\WINDOWS\system32\iwpenhnv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e111.qua'!
C:\WINDOWS\system32\jbibrjao.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e0fe.qua'!
C:\WINDOWS\system32\jdbabjfv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0be100.qua'!
C:\WINDOWS\system32\jghqduad.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a11e104.qua'!
C:\WINDOWS\system32\jheaagtu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee105.qua'!
C:\WINDOWS\system32\jijkkqad.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a13e106.qua'!
C:\WINDOWS\system32\jmakurlp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ae10b.qua'!
C:\WINDOWS\system32\jprjteod.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1be10f.qua'!
C:\WINDOWS\system32\kbeiufwn.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee104.qua'!
C:\WINDOWS\system32\kikyithj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e10d.qua'!
C:\WINDOWS\system32\kjmcrbvc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a16e10e.qua'!
C:\WINDOWS\system32\klnoesdr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e110.qua'!
C:\WINDOWS\system32\knaymvev.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ae113.qua'!
C:\WINDOWS\system32\kvdpgfbv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0de11c.qua'!
C:\WINDOWS\system32\kytmtftd.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de120.qua'!
C:\WINDOWS\system32\lbkeuprh.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e109.qua'!
C:\WINDOWS\system32\lmjcebuj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e115.qua'!
C:\WINDOWS\system32\lmkqpfhm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e116.qua'!
C:\WINDOWS\system32\lqipeasg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e11c.qua'!
C:\WINDOWS\system32\lvxqyixi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e122.qua'!
C:\WINDOWS\system32\lwgsqmmu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10e123.qua'!
C:\WINDOWS\system32\lxiimyny.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e124.qua'!
C:\WINDOWS\system32\lydwuclv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0de126.qua'!
C:\WINDOWS\system32\lytuckwe.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de126.qua'!
C:\WINDOWS\system32\maieptfw.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e10f.qua'!
C:\WINDOWS\system32\mdrwlhay.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be113.qua'!
C:\WINDOWS\system32\mfkkojfb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e117.qua'!
C:\WINDOWS\system32\mhwltspu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a20e11a.qua'!
C:\WINDOWS\system32\miwjfcuu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a20e11c.qua'!
C:\WINDOWS\system32\mjqguboc.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a1ae11d.qua'!
C:\WINDOWS\system32\mluuagyb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee120.qua'!
C:\WINDOWS\system32\mtntiosv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e13b.qua'!
C:\WINDOWS\system32\mvcggifl.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0ce13e.qua'!
C:\WINDOWS\system32\mwquxrgy.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a1ae140.qua'!
C:\WINDOWS\system32\namjcwdk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a16e12a.qua'!
C:\WINDOWS\system32\ncpoikbn.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e12e.qua'!
C:\WINDOWS\system32\ndfjcwaq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe12f.qua'!
C:\WINDOWS\system32\nfqjmeqg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae135.qua'!
C:\WINDOWS\system32\ngmkbudj.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a16e136.qua'!
C:\WINDOWS\system32\nhuphgqi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee138.qua'!
C:\WINDOWS\system32\njotcmcr.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a18e13a.qua'!
C:\WINDOWS\system32\nlhrkkmi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e13c.qua'!
C:\WINDOWS\system32\nmnfhunq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e13e.qua'!
C:\WINDOWS\system32\npfwqbce.dll
[DETECTION] Is the TR/PCK.Monder.88128 Trojan
[NOTE] The file was moved to '4a0fe142.qua'!
C:\WINDOWS\system32\npipfchq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e142.qua'!
C:\WINDOWS\system32\nqfbrepu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe144.qua'!
C:\WINDOWS\system32\nvwwpxnv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a20e14e.qua'!
C:\WINDOWS\system32\nwlfbiwa.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e150.qua'!
C:\WINDOWS\system32\odpqosul.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a19e140.qua'!
C:\WINDOWS\system32\oiulpemr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee146.qua'!
C:\WINDOWS\system32\omforyla.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0fe14c.qua'!
C:\WINDOWS\system32\osnxxcxm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a17e153.qua'!
C:\WINDOWS\system32\ovdbjfjt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0de156.qua'!
C:\WINDOWS\system32\paqopjwt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae142.qua'!
C:\WINDOWS\system32\pavrrpkc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe142.qua'!
C:\WINDOWS\system32\pckneadd.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e145.qua'!
C:\WINDOWS\system32\pejjoxsg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e147.qua'!
C:\WINDOWS\system32\pfryhqvf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be14a.qua'!
C:\WINDOWS\system32\plxfbvta.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e151.qua'!
C:\WINDOWS\system32\puepawdn.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee15c.qua'!
C:\WINDOWS\system32\pvspolpo.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce15d.qua'!
C:\WINDOWS\system32\pxqyahhj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae160.qua'!
C:\WINDOWS\system32\pxuiknuo.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee160.qua'!
C:\WINDOWS\system32\pyjjajqy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e161.qua'!
C:\WINDOWS\system32\qahwrkts.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e14a.qua'!
C:\WINDOWS\system32\qbadqmkc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ae14b.qua'!
C:\WINDOWS\system32\qildgsry.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e154.qua'!
C:\WINDOWS\system32\qjbeddpj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0be155.qua'!
C:\WINDOWS\system32\qjhccepu.dll
[DETECTION] Is the TR/Monder.105024.1 Trojan
[NOTE] The file was moved to '4a11e156.qua'!
C:\WINDOWS\system32\qntnwgqu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de15a.qua'!
C:\WINDOWS\system32\qsjlqhlf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e160.qua'!
C:\WINDOWS\system32\qvotptst.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e164.qua'!
C:\WINDOWS\system32\rdqtxbue.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae155.qua'!
C:\WINDOWS\system32\rgpounbb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e15a.qua'!
C:\WINDOWS\system32\rrcuvybw.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0ce166.qua'!
C:\WINDOWS\system32\saybmrcm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a22e157.qua'!
C:\WINDOWS\system32\sbjtbhgt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e159.qua'!
C:\WINDOWS\system32\sdtgdmdt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de15d.qua'!
C:\WINDOWS\system32\seinbqwe.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e15f.qua'!
C:\WINDOWS\system32\setxttuc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de160.qua'!
C:\WINDOWS\system32\sjtisgfh.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de169.qua'!
C:\WINDOWS\system32\skctvwpt.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a0ce16a.qua'!
C:\WINDOWS\system32\slivrret.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e16c.qua'!
C:\WINDOWS\system32\slvikcwj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1fe16c.qua'!
C:\WINDOWS\system32\sonp32drv.dll
[DETECTION] Is the TR/PSW.OnLineGa.OCJ Trojan
[NOTE] The file was moved to '4a17e171.qua'!
C:\WINDOWS\system32\sosyjdhg.dll
[DETECTION] Is the TR/Proxy.101376 Trojan
[NOTE] The file was moved to '4a1ce172.qua'!
C:\WINDOWS\system32\sqhloovv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e175.qua'!
C:\WINDOWS\system32\sqkuiwbs.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e176.qua'!
C:\WINDOWS\system32\suqprwaq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae17d.qua'!
C:\WINDOWS\system32\swuavqrj.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1ee180.qua'!
C:\WINDOWS\system32\sxlavwdn.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a15e181.qua'!
C:\WINDOWS\system32\syytxrnn.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a22e183.qua'!
C:\WINDOWS\system32\tbettjno.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee16e.qua'!
C:\WINDOWS\system32\tegdgusl.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a10e172.qua'!
C:\WINDOWS\system32\thxajvrv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e176.qua'!
C:\WINDOWS\system32\tijtirtu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e178.qua'!
C:\WINDOWS\system32\tjormkii.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e179.qua'!
C:\WINDOWS\system32\tlhstkyp.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a11e17c.qua'!
C:\WINDOWS\system32\tnaveuix.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0ae17e.qua'!
C:\WINDOWS\system32\tufoucuk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe186.qua'!
C:\WINDOWS\system32\tvbhtgsr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0be188.qua'!
C:\WINDOWS\system32\twsgiovk.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce18a.qua'!
C:\WINDOWS\system32\txwyqcvq.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a20e18b.qua'!
C:\WINDOWS\system32\tytgbylm.dll
[DETECTION] Is the TR/Vundo.HB Trojan
[NOTE] TR/Vundo.HB:[HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN]:<avgnt>=sz:
[NOTE] The file was moved to '4a1de18d.qua'!
C:\WINDOWS\system32\uelhaton.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a15e17a.qua'!
C:\WINDOWS\system32\ukckekbr.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce180.qua'!
C:\WINDOWS\system32\ukiurrra.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a12e181.qua'!
C:\WINDOWS\system32\ullppwlb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a15e182.qua'!
C:\WINDOWS\system32\umulbfjq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee184.qua'!
C:\WINDOWS\system32\unxodhwa.dll
[DETECTION] Is the TR/Monder.105024.1 Trojan
[NOTE] The file was moved to '4a21e186.qua'!
C:\WINDOWS\system32\uppsxlfw.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e189.qua'!
C:\WINDOWS\system32\upqtkkyk.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a1ae189.qua'!
C:\WINDOWS\system32\usdmpuhd.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0de18d.qua'!
C:\WINDOWS\system32\uuqfbdso.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae191.qua'!
C:\WINDOWS\system32\uuxwyaut.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e191.qua'!
C:\WINDOWS\system32\uxfblyqn.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0fe194.qua'!
C:\WINDOWS\system32\vaeehvgi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee17e.qua'!
C:\WINDOWS\system32\vajwtqln.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e17f.qua'!
C:\WINDOWS\system32\vgcodvkt.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0ce186.qua'!
C:\WINDOWS\system32\vnqwfxqm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae18e.qua'!
C:\WINDOWS\system32\vprmcqxy.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be190.qua'!
C:\WINDOWS\system32\vqaxtupu.dll
[DETECTION] Is the TR/Monder.103488 Trojan
[NOTE] The file was moved to '4a0ae192.qua'!
C:\WINDOWS\system32\vqcvdpvc.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0ce192.qua'!
C:\WINDOWS\system32\vrooxegj.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e194.qua'!
C:\WINDOWS\system32\vtcupjbo.dll
[DETECTION] Is the TR/Proxy.101376 Trojan
[NOTE] The file was moved to '4a0ce196.qua'!
C:\WINDOWS\system32\vutgkklf.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de198.qua'!
C:\WINDOWS\system32\vxehxmbv.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ee19b.qua'!
C:\WINDOWS\system32\vxotsqjo.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a18e19c.qua'!
C:\WINDOWS\system32\vydchvyd.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0de19d.qua'!
C:\WINDOWS\system32\wegsbosm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a10e18b.qua'!
C:\WINDOWS\system32\wfkfsuqs.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e18d.qua'!
C:\WINDOWS\system32\wiuwnncm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee194.qua'!
C:\WINDOWS\system32\wmqfklky.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ae19b.qua'!
C:\WINDOWS\system32\wotslqkq.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de19f.qua'!
C:\WINDOWS\system32\wouncojn.exe
[DETECTION] Is the TR/PrivacySet.A Trojan
[NOTE] The file was moved to '4a1ee19f.qua'!
C:\WINDOWS\system32\wqjkjpdu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a13e1b9.qua'!
C:\WINDOWS\system32\wqkstkjt.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e1ba.qua'!
C:\WINDOWS\system32\wstlmalg.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de1bd.qua'!
C:\WINDOWS\system32\wvowhvvx.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e1c2.qua'!
C:\WINDOWS\system32\xfoqokud.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e1b3.qua'!
C:\WINDOWS\system32\xhrmtsjb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1be1b5.qua'!
C:\WINDOWS\system32\xhusglpi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee1b6.qua'!
C:\WINDOWS\system32\xlubsxqa.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ee1ba.qua'!
C:\WINDOWS\system32\xlxoijjc.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a21e1ba.qua'!
C:\WINDOWS\system32\xncswtbi.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce1bd.qua'!
C:\WINDOWS\system32\xudyxftq.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a0de1c4.qua'!
C:\WINDOWS\system32\xvoytavo.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e1c6.qua'!
C:\WINDOWS\system32\yacpfvdd.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a0ce1b2.qua'!
C:\WINDOWS\system32\yaknvvgu.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a14e1b3.qua'!
C:\WINDOWS\system32\ycdtfpdb.dll
[DETECTION] Is the TR/Killav.WB Trojan
[NOTE] The file was moved to '4a0de1b5.qua'!
C:\WINDOWS\system32\ydokwuig.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e1b7.qua'!
C:\WINDOWS\system32\ygcvhyac.exe
[DETECTION] Is the TR/Lowzones.SG Trojan
[NOTE] The file was moved to '4a0ce1bb.qua'!
C:\WINDOWS\system32\yipboism.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a19e1bd.qua'!
C:\WINDOWS\system32\yltdkxjb.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1de1c1.qua'!
C:\WINDOWS\system32\yqsrqekm.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a1ce1c6.qua'!
C:\WINDOWS\system32\yuoctkan.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a18e1cb.qua'!
C:\WINDOWS\system32\yuofskja.dll
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4b7f3914.qua'!
C:\WINDOWS\system32\drivers\auhrne.sys
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Pcclient.cpt back-door program
[NOTE] The file was moved to '4a11e250.qua'!


End of the scan: Saturday, February 28, 2009 19:17
Used time: 1:29:35 Hour(s)

The scan has been done completely.

4372 Scanning directories
191530 Files were scanned
263 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
2 files were deleted
0 files were repaired
259 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
191266 Files not concerned
2009 Archives were scanned
6 Warnings
261 Notes

Edited by garmanma, 28 February 2009 - 09:16 PM.


BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 AM

Posted 01 March 2009 - 04:29 PM

Hello.

Yes, those are infected files and I'm glad Avira quarantined them. If you want to make sure if there's anything else. Run GMER and MBAM please.

Download and run MalwareBytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Download and Run Scan with GMER

We will use GMER to scan for rootkits.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Click the >>>
  • Click on Settings, then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  • You will be prompted to restart your computer. Please do so.
  • After the reboot, run Gmer again and click on the Rootkit tab.[list]
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
  • Click on the Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop buttons turns back to Scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.
If GMER doesn't work in Normal Mode try running it in Safe Mode

Important!:Please do not select the Show all checkbox during the scan..

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users