Antivirus Protection
 
#16  Tom Myboy, June 28th, 2004, 06:39 PM
Hi again polyjb,

Please post a fresh HijackThis log. There's a reason IE is not working; let's see if we can figure it out!

Tom
__________________
HijackThis
Ad-aware
Spybot Search & Destroy
SpywareBlaster
SpywareGuard
Housecall Online A/V Scan

Please read the stickies at the top of the forum before posting!

#17  polyjb, June 28th, 2004, 06:54 PM
New problem

Tom, I now have a new homepage hijacker problem. This one results in a hijacked homepage and continuous spyware warning popups. This one does not completely cripple my IE but does redirect my homepage. What do you think? Thanks.

Logfile of HijackThis v1.97.7
Scan saved at 4:52:40 PM, on 6/28/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\basfipm.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Documents and Settings\Jerry Bumbaugh\Local Settings\Temp\Temporary Directory 81 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {59E80428-1DFC-4A10-837C-389D45CD52C6} - C:\WINDOWS\System32\jaih.dll

#18  polyjb, June 28th, 2004, 06:56 PM
Just to clarify my earlier issue. The suggestions you had worked for a few hours but now I have a new problem as I mentioned in my last post.

#19  Tom Myboy, June 28th, 2004, 08:00 PM
Let's do a couple of online scans.... there's something going on here. Perform a scan at these two places:

Trend Micro Housecall
http://housecall.trendmicro.com/

Bitdefender
http://www.bitdefender.com/scan/licence.php

You can perform the same fix as we did before, but with the new values:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {59E80428-1DFC-4A10-837C-389D45CD52C6} - C:\WINDOWS\System32\jaih.dll

Apply these suggestions to help keep your system clean:

SpywareBlaster will block bad ActiveX and malevolent cookies. http://www.javacoolsoftware.com/spywareblaster.html

SpywareGuard is an excellent companion to SpywareBlaster (link below).

IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

Both are very small free programs that you run once, and then just occasionally to check for updates.

Will get back to you tomorrow and see how you are doing.

Tom

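An added illustration, not part of the original thread and not HijackThis's own logic: a short Python triage pass over the R and O2 line formats seen in the log above. It flags Internet Explorer values that point at a local file in a Temp directory, value names outside a short expected list, and BHOs with no display name. The function names, the expected-name list and the heuristics are assumptions made for this example, and the sample lines are constructed from the thread's log plus one contrasting entry.

```python
import re
from dataclasses import dataclass

# Constructed sample: lines in the format of the HijackThis log posted in this
# thread, plus one ordinary-looking Start Page entry added for contrast.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\JERRYB~1\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O2 - BHO: (no name) - {59E80428-1DFC-4A10-837C-389D45CD52C6} - C:\WINDOWS\System32\jaih.dll
""".strip()

# "R<n> - <registry key>,<value name> = <data>"
R_LINE = re.compile(r"^(R[0-3]) - (HK(?:CU|LM)\\[^,]+),([^=]+?) = (.*)$")
# "O2 - BHO: <display name> - {CLSID} - <module path>"
O2_LINE = re.compile(r"^O2 - BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
# A path component named Temp or Tmp anywhere in the target.
TEMP_SEGMENT = re.compile(r"\\(?:temp|tmp)\\", re.IGNORECASE)

# Assumption for this example: value names the reviewer expects to see under
# the IE Main/Search keys. Anything else is surfaced for a human to look at.
EXPECTED_VALUE_NAMES = {
    "Start Page", "Search Page", "Search Bar", "SearchAssistant",
    "Default_Page_URL", "Default_Search_URL",
}


@dataclass
class Finding:
    line_no: int
    entry: str
    reasons: list


def review_r_entry(name, data):
    """Return the reasons an IE start/search page entry deserves review."""
    reasons = []
    if data.lower().startswith("file://"):
        reasons.append("points at a local file instead of a web URL")
        if TEMP_SEGMENT.search(data):
            reasons.append("target lives in a Temp directory")
    if name not in EXPECTED_VALUE_NAMES:
        reasons.append("unexpected value name")
    return reasons


def review_bho(name):
    """Return the reasons a Browser Helper Object entry deserves review."""
    if name.strip() in ("", "(no name)"):
        return ["BHO has no display name"]
    return []


def triage(log_text):
    """Parse R and O2 lines; return a Finding for each line with a reason."""
    findings = []
    for line_no, raw in enumerate(log_text.splitlines(), start=1):
        line = raw.strip()
        match = R_LINE.match(line)
        if match:
            _, key, name, data = match.groups()
            name = name.strip()
            entry = f"{key},{name}"
            reasons = review_r_entry(name, data.strip())
        else:
            match = O2_LINE.match(line)
            if not match:
                continue  # process list, header lines, other sections
            name, clsid, path = match.groups()
            entry = f"{clsid} {path}"
            reasons = review_bho(name)
        if reasons:
            findings.append(Finding(line_no, entry, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.entry}")
        for reason in f.reasons:
            print(f"    - {reason}")
```

A pass like this only narrows down which lines to read first; entries it does not flag still need the same manual review the rest of the log gets.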
#20  polyjb, June 28th, 2004, 11:21 PM
Tom, I ran the Bit Defender scan first of all. There look to be a number of the dlls still in the system. What sense can you make of this? I will wait for your response on this before I continue. Pretty massive...but please take a look. Thanks.


I will have to break it up into separate posts...it is over 60000 characters.


#21  polyjb, June 28th, 2004, 11:23 PM

#22  polyjb, June 28th, 2004, 11:24 PM

#23  polyjb, June 28th, 2004, 11:25 PM

  #24  
Old June 28th, 2004, 11:28 PM
polyjb

  #25  
Old June 28th, 2004, 11:31 PM
polyjb