Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Worm


  • Please log in to reply
6 replies to this topic

#1 (~Miguel~)

(~Miguel~)

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 04 March 2007 - 02:47 PM

I found a worm but im not sure if I should delete it! if i delete it willl it delete my important files?

Posted Image

The Avg Log
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:57:21 AM 3/4/2007

+ Scan result:



C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP173\A0020968.exe -> Backdoor.Pcclient.gv : No action taken.
:mozilla.28:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.29:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.30:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.31:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Owner\Cookies\owner@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.32:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.39:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.33:C:\Documents and Settings\Pamela\Application Data\Mozilla\Firefox\Profiles\w28uoehk.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Desktop\Graphics Gale.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Desktop\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Adobe® Photoshop® CS2\setup.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Desktop\Photoshop CS2 v9.0 + working KeyGen\Photoshop CS2\Setup.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Desktop\Photoshop CS2 v9.0 + working KeyGen\Photoshop.CS2.KeyGen.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Application Data\Last.fm\Client\UninstITW\unins000.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Application Data\Last.fm\Client\UninstWMP\unins000.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\Photoshop.CS2.KeyGen.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\WmpPluginSetup_2.0.26.0.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\WmpPluginSetup_2.0.27.0.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\iTunesPluginWinSetup_2.0.10.0.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\pft13~tmp\Reader\AcroRd32.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\pftA~tmp\Reader\AcroRd32.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\qp32cg11.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\Local Settings\Temp\setup_wm.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\My Documents\My Games\Winrar\WinRAR.exe -> Worm.VB.dz : No action taken.
C:\Documents and Settings\Owner\My Documents\My Games\Winrar\wrar362.exe -> Worm.VB.dz : No action taken.
C:\EPSONREG\EPSONREG.EXE -> Worm.VB.dz : No action taken.
C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\DW20.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\ATI Technologies\ATI Control Panel\atiprbxx.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig\ENU\setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Adobe Help Center\ahc.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Adobe Help Center\ahcremind.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit\ExtendScript Toolkit.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\CoverDesigner\CoverDes.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero BackItUp\NBR.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero SoundTrax\SoundTrax.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero Toolkit\CDSpeed.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero Toolkit\DriveSpeed.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero Toolkit\InfoTool.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero Wave Editor\DXEnum.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero Wave Editor\WaveEdit.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\NeroBurnRights\NeroBurnRights.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\Nero\Uninstall\UNNero.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ahead\WMPBurn\WMPBurn.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoImpression 5\CheckUpdate\CheckUpdate.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoImpression 5\SUPPORT\Registration\ArcRegister.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoImpression 5\photoimpression.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoPrinter 5\CheckUpdate.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoPrinter 5\PhotoPrinter5.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoPrinter 5\Support\Registration\ArcRegister.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoStudio 5.5\PhotoStudio.exe -> Worm.VB.dz : No action taken.
C:\Program Files\ArcSoft\PhotoStudio 5.5\SUPPORT\Registration\ArcRegister.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Ares\aresregular199_installer.exe -> Worm.VB.dz : No action taken.
C:\Program Files\AxBx\Anti Virus\Multi Virus Cleaner (3).exe -> Worm.VB.dz : No action taken.
C:\Program Files\AxBx\Anti Virus\Multi Virus Cleaner\setup 2.exe -> Worm.VB.dz : No action taken.
C:\Program Files\BigFix\BFast.exe -> Worm.VB.dz : No action taken.
C:\Program Files\CONEXANT\CNXT_AUDIO\HXFSetup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_2041161F\HXFSetup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Ahead\Lib\specialoffer.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\AolCoach\en_en\ab3.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\Equation\eqnedt32.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\MODI\11.0\MSPVIEW.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\MSDraw\msdraw.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\MSInfo\OINFOP11.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\WordArt\WRDART32.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WksCal.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Microsoft Shared\Works Shared\dw15.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\Nullsoft\ActiveX\AOLMediaPlaybackControl.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\System\MSMAPI\1033\CNFNOT32.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Common Files\aolshare\aolunins_us.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Copy of spybotsd14.exe -> Worm.VB.dz : No action taken.
C:\Program Files\DVD Decrypter\DVDDecrypter.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Firefox Setup 2.0.0.1.exe -> Worm.VB.dz : No action taken.
C:\Program Files\GraphicsGale FreeEdition\GaleBrowse.exe -> Worm.VB.dz : No action taken.
C:\Program Files\GraphicsGale FreeEdition\setgalefreeus.exe -> Worm.VB.dz : No action taken.
C:\Program Files\GraphicsGale FreeEdition\setgaleus.exe -> Worm.VB.dz : No action taken.
C:\Program Files\HijackThis.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{16B3A24E-A084-41FA-A5B8-F82794712498}\setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{1735AD57-FD6E-4EB5-A276-56C2574D6412}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{3B755EF7-F860-4F72-9A2D-5216CB48BA7C}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{56CBF657-1A88-4A6A-B3FF-304B608DA076}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{65D30520-CFB9-4E46-A101-68C0AADAE40C}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{9B94BE6F-7CA3-4C40-A266-62667FF746CC}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\InstallShield Installation Information\{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}\Setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Java\jre1.5.0_02\bin\javaws.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Last\Last.fm\CrashReporter.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Last\Last.fm\LastFM.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Last\Last.fm\unins000.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Last\LastFM_Win_1.1.3.0.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Lavasoft\Ad-Aware SE Personal\UNWISE.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Lavasoft\Ad-Aware SE Personal\unregaaw.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN Messenger\Device Manager\dpinst.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN Messenger\Device Manager\msgrdvmn.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN Messenger\livecall.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN Messenger\msnmsgr.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN Messenger\msvs.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN\MSNCoreFiles\Install\MSN9Components\Digcore.exe -> Worm.VB.dz : No action taken.
C:\Program Files\MSN\MsnInstaller\msninst.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Messenger\msmsgs.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Digital Image 2006\ImprtWiz.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Digital Image 2006\PIXPhotoStory.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Digital Image 2006\dw15.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Digital Image 2006\pi.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\GRAPH.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\MSTORDB.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\MSTORE.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\OIS.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\PPTVIEW.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\OFFICE11\PROFLWIZ.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\MSWorks.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\WksDict.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\WksSb.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\WksWP.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\lnchtour.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\wklnckml.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\wksdb.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Microsoft Works\wksss.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Mozilla Firefox\uninstall\helper.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Mozilla Firefox\updater.exe -> Worm.VB.dz : No action taken.
C:\Program Files\One Care\SetupOneCare.exe -> Worm.VB.dz : No action taken.
C:\Program Files\QuickTime\PictureViewer.exe -> Worm.VB.dz : No action taken.
C:\Program Files\QuickTime\QTInfo.exe -> Worm.VB.dz : No action taken.
C:\Program Files\QuickTime\QTSystem\ExportController.exe -> Worm.VB.dz : No action taken.
C:\Program Files\QuickTime\qttask.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Spybot - Search & Destroy\unins000.exe -> Worm.VB.dz : No action taken.
C:\Program Files\SpywareBlaster\unins000.exe -> Worm.VB.dz : No action taken.
C:\Program Files\WinRAR\wrar362.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Windows Media Player\LastFM_Win_1.1.0.0_en.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Windows Media Player\wmdbexport.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Windows Media Player\wmlaunch.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Windows Media Player\wmpnscfg.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\Common\unyt.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\Messenger\UNWISE.EXE -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\Messenger\yupdater.exe -> Worm.VB.dz : No action taken.
C:\Program Files\Yahoo!\msgr8us.exe -> Worm.VB.dz : No action taken.
C:\Program Files\aawsepersonal.exe -> Worm.VB.dz : No action taken.
C:\Program Files\avast\setupeng.exe -> Worm.VB.dz : No action taken.
C:\Program Files\avgas-setup-7.5.0.50.exe -> Worm.VB.dz : No action taken.
C:\Program Files\epson\escndv\escndv.exe -> Worm.VB.dz : No action taken.
C:\Program Files\epson\escndv\setup\setup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\epson\guide\cx3800_e\uninstall.exe -> Worm.VB.dz : No action taken.
C:\Program Files\fdminst.exe -> Worm.VB.dz : No action taken.
C:\Program Files\gifsetup.exe -> Worm.VB.dz : No action taken.
C:\Program Files\iTunes\iTunes.exe -> Worm.VB.dz : No action taken.
C:\Program Files\pspvideo9\pspVideo9.exe -> Worm.VB.dz : No action taken.
C:\Program Files\spybotsd14.exe -> Worm.VB.dz : No action taken.
C:\Program Files\spywareblastersetup351.exe -> Worm.VB.dz : No action taken.
C:\Program Files\wrar36b2.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028637.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028982.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028988.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028989.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028990.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028991.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028992.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028993.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028995.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0028998.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029003.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029026.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029035.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029036.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029037.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029038.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029041.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP207\A0029054.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029074.EXE -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029075.EXE -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029081.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029082.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029083.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029084.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029085.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029089.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029090.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029094.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029108.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029116.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029120.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029121.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0029123.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029134.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029144.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029152.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029160.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029169.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029201.exe -> Worm.VB.dz : No action taken.
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP209\A0029228.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB887472$\msmsgs.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$NtUninstallwmp11$\wmlaunch.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB834707\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB834707\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB867282\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB867282\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB873333\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB873333\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB873339\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB883939\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB883939\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885250\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885250\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885835\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB885836\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB886185\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB887472\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB888113\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB888113\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB888302\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890047\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890047\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890175\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890175\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890859\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890923\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB890923\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB891781\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893066\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893066\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893086\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893086\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893756\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB893756\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB894391\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB894391\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896358\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896358\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896422\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896422\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896423\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896423\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896424\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896424\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896428\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896428\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896688\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896688\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896727\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB896727\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB898461\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899587\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899587\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899588\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899588\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899589\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899589\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899591\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB899591\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB900485\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB900485\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB900725\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB900725\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB901017\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB901017\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB901214\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB902400\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB902400\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB904706\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB904706\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB905414\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB905414\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB905749\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB905749\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB908519\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB908519\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB908531\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB908531\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB910437\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB910437\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911280\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911280\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911562\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911562\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911567\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911567\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911927\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB911927\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB912919\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB912919\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB913580\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB913580\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB914388\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB914388\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB914389\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB914389\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB915865\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB915865\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB916595\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB916595\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917159\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917159\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917344\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917344\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917422\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917422\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917953\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB917953\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB918118\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB918118\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB918439\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB918439\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB919007\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB919007\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920214\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920214\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920670\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920670\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920683\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920683\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920685\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920685\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920872\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB920872\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB921398\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB921398\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB921883\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB921883\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922582\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922582\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922616\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922616\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922819\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB922819\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923414\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923414\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923694\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923694\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923980\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB923980\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB924191\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB924191\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB924270\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB924270\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB925486\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB925486\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB926255\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB926255\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB926436\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB926436\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB927779\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB927779\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB927802\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB927802\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB928255\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB928255\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB928843\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB928843\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB929969\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB929969\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB931836\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\$hf_mig$\KB931836\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\MOD\hxfsetup.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\MOD\setup.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\aegisi2.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\aegisi5.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\bcmwltry.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\bcmwlu00.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\is.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\NET\wltray.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\SND\hxfsetup.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRV\SND\setup.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\DRW\DWWIN.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\NETSETUP.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\REGEDIT.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\I386\SYSPARSE.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\IsUninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\OPTIONS\OemReset.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\OPTIONS\deleterp.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\SMINST\INSTALL_APP.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\SMINST\Recguard.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\SMINST\START.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\update\update.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\SoftwareDistribution\Download\c268348752498f57ff1128ae6a23c4f1\wgatray.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu1.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu10.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu12.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu13.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu1A.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu1F.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu22.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu2A.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu32.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu36.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu3C.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu4.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu44.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu5.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcu6.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcuA.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcuB.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcuC.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\Temp\mcuD.tmp\McAppIns.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\UNNeroBurnRights.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\creator\CD Creator.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\creator\remind_xp.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\ie7\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\DivXsm.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\HotlineClient.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\NeroCheck.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\SynMood.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\SynTPEnh.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\SynZMetr.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\Tutorial.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\WISPTIS.EXE -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\WinFXDocObj.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\WudfHost.exe -> Worm.VB.dz : No action taken.
C:\WINDOWS\system32\drmup

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:06 PM

Posted 04 March 2007 - 02:55 PM

Yes, delete everything Avg Antispyware found.
Also suggest after you get clean to clear your system restore and reset all passwords. The worm is capable of gathering your passwords, banking info, credit card info, etc. Very dangerous. I would also rerun AVG in safe mode.
Purge system restore:
http://www.sophos.com/support/knowledgebas...icle/10386.html

Also suggest you do the following:
Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

Post a Hijack This log in the appropriate forum by following the directions in the link below.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Edited by buddy215, 04 March 2007 - 03:00 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 (~Miguel~)

(~Miguel~)
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 04 March 2007 - 03:03 PM

Yes, delete everything Avg Antispyware found.
Also suggest after you get clean to clear your system restore and reset all passwords. The worm is capable of gathering your passwords, banking info, credit card info, etc. Very dangerous. I would also rerun AVG in safe mode.
Purge system restore:
http://www.sophos.com/support/knowledgebas...icle/10386.html

Also suggest you do the following:
Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

Post a Hijack This log in the appropriate forum by following the directions in the link below.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/


If i delete it willl it delete my important Files?

#4 buddy215

buddy215

  • Moderator
  • 13,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:06 PM

Posted 04 March 2007 - 03:06 PM

It Shouldn't, but if you want to you can quarantine what AVG found and delete later after you are sure everything still works.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 (~Miguel~)

(~Miguel~)
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 04 March 2007 - 03:07 PM

Yes i quarentined and everything seems to work im rescaning in ad-aware right now. How do I go To SafeMode?

Edited by (~Miguel~), 04 March 2007 - 03:15 PM.


#6 buddy215

buddy215

  • Moderator
  • 13,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:06 PM

Posted 04 March 2007 - 03:22 PM

http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Safe mode instructions above

You need to clean your temporary files, logs, cookies. The fastest and easiest way to do this is to install Ccleaner. Run the cleaner using the default settings. Do not use the "Issues" function. If you want to save your passwords and certain cookies it will give you the option to do that.
You may even want to run Ccleaner before doing scanning to cut down on scan time.

Edited by buddy215, 04 March 2007 - 03:33 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 (~Miguel~)

(~Miguel~)
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:07:06 PM

Posted 04 March 2007 - 04:32 PM

ok im re running avg then restarting, sorry for the delay. Now im ready to do the purging of the system restore




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users