Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Closed] spyware

Started by mchash12345 , May 16 2008 09:18 AM

  • This topic is locked This topic is locked
36 replies to this topic

#16 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 04:36 AM

good morning , i couldent find any spyware program in the add or remove except adawre se , here is the scan thing anyway .




ComboFix 08-05-15.3 - mum 2008-05-17 10:33:07.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.50 [GMT 1:00]
Running from: C:\Documents and Settings\mum\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\mum\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\noskrnl.exe
C:\WINDOWS\system32\ascohgqr.dll
C:\WINDOWS\system32\awtsTKed.dll
C:\WINDOWS\system32\blackster.scr
C:\WINDOWS\system32\cdwhgtcs.ini
C:\WINDOWS\system32\fccaaYpm.dll
C:\WINDOWS\system32\ggabxiai.dll
C:\WINDOWS\system32\khffEVnl.dll
C:\WINDOWS\system32\kr_done1de
C:\WINDOWS\system32\qoMfgdAq.dll
C:\WINDOWS\system32\sctghwdc.dll
C:\WINDOWS\Tasks\AntiSpyware Scheduled Scan.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ascohgqr.dll
C:\WINDOWS\system32\awtsTKed.dll
C:\WINDOWS\system32\blackster.scr
C:\WINDOWS\system32\cdwhgtcs.ini
C:\WINDOWS\system32\deKTstwa.ini
C:\WINDOWS\system32\deKTstwa.ini2
C:\WINDOWS\system32\fccaaYpm.dll
C:\WINDOWS\system32\jynkmgmu.ini
C:\WINDOWS\system32\khffEVnl.dll
C:\WINDOWS\system32\kr_done1de
C:\WINDOWS\system32\sctghwdc.dll
C:\WINDOWS\Tasks\AntiSpyware Scheduled Scan.job

.
((((((((((((((((((((((((( Files Created from 2008-04-17 to 2008-05-17 )))))))))))))))))))))))))))))))
.

2008-05-17 01:48 . 2008-05-17 01:48 91,776 --a------ C:\WINDOWS\system32\umgmknyj.dll
2008-05-17 01:21 . 2008-05-17 01:21 294 --ahs---- C:\WINDOWS\system32\iaixbagg.ini
2008-05-16 22:29 . 2008-05-16 23:43 <DIR> d-------- C:\SDFix
2008-05-16 22:02 . 2008-05-16 22:02 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-16 17:30 . 2008-05-16 17:30 <DIR> d-------- C:\Documents and Settings\mum\Application Data\Malwarebytes
2008-05-16 17:27 . 2008-05-16 17:28 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-16 17:27 . 2008-05-16 17:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-16 17:27 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-16 17:27 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-13 15:44 . 2008-05-16 15:56 <DIR> d-------- C:\Documents and Settings\mum\Application Data\TmpRecentIcons
2008-05-13 14:06 . 2008-05-13 14:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adsl Software Limited
2008-05-03 19:34 . 2008-03-01 14:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-03 19:34 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-03 19:34 . 2007-03-08 06:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-03 19:34 . 2008-03-01 14:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-03 19:34 . 2008-03-01 14:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-03 19:34 . 2008-03-01 14:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-03 19:34 . 2008-03-01 14:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-03 19:34 . 2008-03-01 14:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-03 19:34 . 2008-02-22 11:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-16 14:48 --------- d-----w C:\Program Files\Trend Micro
2008-05-07 23:34 53,192 ----a-w C:\WINDOWS\system32\drivers\rp_skt32.sys
2008-04-09 13:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-28 17:19 41,984 ----a-w C:\WINDOWS\system32\sp.exe
2008-03-28 09:39 41,984 ----a-w C:\WINDOWS\superproxy.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-17 16:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-17 16:18 --------- d-----w C:\Program Files\DS-3200 Wireless Optical Slimline Deskset
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2005-03-31 22:17 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-16_18.34.39.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-16 17:19:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-17 10:12:07 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-13 01:55:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-05-16 21:31:28 3,391,488 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-05-16 21:31:28 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-05-13 01:55:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-05-16 21:02:25 577,536 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-05-16 21:02:25 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-05-16 17:19:23 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-05-16 21:27:56 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-05-16 17:19:23 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-05-16 21:27:56 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-05-16 17:19:23 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-16 21:27:56 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 13:00 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 15:09 61168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 18:35 32768]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-06-10 15:20 1397760]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 19:34 40960]
"WireLessMouse"="C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe" [2005-08-30 15:35 303104]
"WireLessKeyboard"="C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe" [2005-08-30 11:51 319488]
"PCguard"="C:\Program Files\Virgin Broadband\PCguard\RPS.exe" [2007-09-05 15:10 310000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 15:09 61168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

C:\Documents and Settings\mum\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\-FreedomNeedsReboot]
--a------ 2007-09-05 15:10 13552 C:\Program Files\Virgin Broadband\PCguard\ZkRunOnceR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadbandadvisor.exe]
--a------ 2007-08-07 19:49 2061552 C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dumprep]
C:\WINDOWS\system32\spoolc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCguard]
--a------ 2007-09-05 15:10 310000 C:\Program Files\Virgin Broadband\PCguard\Rps.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\WINDOWS\\system32\\sp.exe"=
"C:\\WINDOWS\\superproxy.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 AntiSpyFilter;AntiSpyFilter;C:\WINDOWS\system32\DRIVERS\antispyfilter.sys [2007-08-30 19:08]
S3 FXDRV;FXDRV;E:\Fxdrv.sys []
S3 INFUSB;INFUSB;C:\WINDOWS\system32\drivers\infusb.sys [2007-09-11 12:38]
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]
S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-17 14:47]
S3 Radialpoint Security Services;Virgin Broadband PCguard;C:\WINDOWS\system32\dllhost.exe [2006-02-28 13:00]
S3 snpstd2;USB PC Camera (SN9C103);C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-03-22 22:31]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-17 09:30:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-08 02:00:17 C:\WINDOWS\Tasks\MacroVirus Scheduled Scan.job"
- C:\Program Files\MacroVirus\MacroVirus.ex
- C:\Program Files\MacroVirus
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-17 11:13:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterr.exe
.
**************************************************************************
.
Completion time: 2008-05-17 11:20:23 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-17 10:20:12
ComboFix2.txt 2008-05-17 00:21:44
ComboFix3.txt 2008-05-16 17:41:20

Pre-Run: 34,141,802,496 bytes free
Post-Run: 34,141,261,824 bytes free

189 --- E O F --- 2008-05-04 22:58:30

    Advertisements

Register to Remove

#17 RatHat

RatHat

    Retired Staff-Malware Expert

  • Authentic Member
  • PipPipPipPip
  • 816 posts

Posted 17 May 2008 - 05:11 AM

Good morning!

Starting to look better! Hows the machine performing now?

OK, could you run the Kaspersky Online Scan for me, as outlined in my first post. Save the log it creates as Kaspersky.txt and either attach it or include it in your next reply.

Regards,
RatHat

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Want to join the fight against Malware? Click here to find out how.

Please do not PM me asking for support. Post on the forums instead :)
Please post the final results, good or bad. We like to know!

Posted Image

If you feel I have helped you and would like to make a small donation, please click here

#18 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 06:01 AM

hi , machine is running better , still really slow though . im just doing the kaspersky scan , its found 2 virus so far , fingers crossed it might be better after i have removed the infected files :yeah: i will post the verdict once it has finished the scan

Edited by mchash12345, 17 May 2008 - 06:02 AM.

#19 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 10:30 AM

here you go Saturday, May 17, 2008 5:25:14 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 17/05/2008 Kaspersky Anti-Virus database records: 780706 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ Scan Statistics Total number of scanned objects 35078 Number of viruses found 54 Number of infected objects 658 Number of suspicious objects 3 Duration of the scan process 01:36:32 Infected Object Name Virus Name Last Action C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe Infected: not-a-virus:FraudTool.Win32.MalWarrior.r skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d953eda3e26304d35e06e3f99844845b_8bfd4c7e-3aa0-404c-83c7-ba6e0c400ea4 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Virgin Broadband\PCguard\Logs\FirewallService05-17-2008--12-29-31.log Object is locked skipped C:\Documents and Settings\mum\Application Data\Microsoft\MSNLiveFav\LiveFavorites.xml Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\cert8.db Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\history.dat Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\key3.db Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\parent.lock Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\search.sqlite Object is locked skipped C:\Documents and Settings\mum\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\mum\Cookies\index.dat Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\mum\Local Settings\Application Data\Mozilla\Firefox\Profiles\5jof6p0b.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\mum\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\mum\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\mum\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\mum\My Documents\My Received Files\picts-2604.zip/img0794-www.photoshare.com Infected: Trojan-Dropper.Win32.Delf.ajo skipped C:\Documents and Settings\mum\My Documents\My Received Files\picts-2604.zip ZIP: infected - 1 skipped C:\Documents and Settings\mum\NTUSER.DAT Object is locked skipped C:\Documents and Settings\mum\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\CA\PPRT\logs\2008-05-17.csv Object is locked skipped C:\Program Files\Windows Live\Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\Program Files\Windows Live\Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\QooBox\Quarantine\C\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe.vir Infected: Trojan.Win32.Inject.adq skipped C:\QooBox\Quarantine\C\Program Files\Common Files\Companion Wizard\WapCHK.dll.vir Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped C:\QooBox\Quarantine\C\WINDOWS\system32\bronto.dll.vir Infected: Backdoor.Win32.Small.ccj skipped C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\kbd.sys.vir Infected: Trojan.Win32.Inject.adt skipped C:\QooBox\Quarantine\C\WINDOWS\system32\vtr.dll.vir Infected: Trojan.Win32.BHO.gt skipped C:\QooBox\Quarantine\C\WINDOWS\system32\WLCtrl32.dll.vir Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\QooBox\Quarantine\catchme2008-05-16_181449.40.zip/symavc32.sys Infected: Trojan.Win32.Srizbi.k skipped C:\QooBox\Quarantine\catchme2008-05-16_181449.40.zip/Vbg40.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\QooBox\Quarantine\catchme2008-05-16_181449.40.zip/YRHD35.sys Infected: Trojan.Win32.Srizbi.k skipped C:\QooBox\Quarantine\catchme2008-05-16_181449.40.zip ZIP: infected - 3 skipped C:\SDFix\backups\backups.zip/backups/AClient.dll Suspicious: Packed.Win32.Morphine.a skipped C:\SDFix\backups\backups.zip/backups/ddubbv.exe Infected: Trojan-Dropper.Win32.Agent.cuv skipped C:\SDFix\backups\backups.zip/backups/fvowketqsle.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\SDFix\backups\backups.zip/backups/mpfanvqg.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\SDFix\backups\backups.zip/backups/oadkxrts.exe Infected: Trojan.Win32.Vapsup.fcy skipped C:\SDFix\backups\backups.zip/backups/pvnsmfor.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\SDFix\backups\backups.zip/backups/vbksrofa.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\SDFix\backups\backups.zip ZIP: infected - 6, suspicious - 1 skipped C:\SDFix\backups\catchme.zip/ntos.exe Infected: Trojan-Spy.Win32.Zbot.blh skipped C:\SDFix\backups\catchme.zip ZIP: infected - 1 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0543786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0543789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0543792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0544786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0544789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0544791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0545786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0545789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0545790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0546786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0546789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0546790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0547786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0547789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP100\A0547790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP101\A0548786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP101\A0548789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP101\A0548790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0549786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0549789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0549790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0550786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0550789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0550790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0551786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0551789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0551790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0552786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0552789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0552790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0553786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0553789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0553791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0554786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0554789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0554790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0555786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0555789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0555791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0556786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0556789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP102\A0556790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0557786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0557789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0557790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0558786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0558789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0558790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0559786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0559789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0559790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0560786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0560789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0560790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0561786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0561789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0561790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0562786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0562789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0562790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0563786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0563789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0563790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0564786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0564789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP103\A0564790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0565786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0565789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0565790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0566786.dll Infected: Trojan-Downloader.Win32.Agent.lkz skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0566789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0566790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0567786.dll Infected: Trojan-Downloader.Win32.Mutant.ah skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0567789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0567791.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0568786.dll Infected: Trojan-Downloader.Win32.Mutant.ah skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0568789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP104\A0568790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0569786.dll Infected: Trojan-Downloader.Win32.Mutant.ah skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0569789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0569790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0570786.dll Infected: Trojan-Downloader.Win32.Mutant.ah skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0570789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP105\A0570790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0571786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0571789.sys Infected: Email-Worm.Win32.Agent.du skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0571790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0572786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0572789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0572790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0573786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0573789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0573790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0574786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0574789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP106\A0574790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0575786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0575789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0575790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0576786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0576789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0576790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0577786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0577789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP107\A0577790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0578786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0578789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0578790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0579786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0579789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0579790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0580786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0580789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP108\A0580790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0581786.dll Infected: Trojan-Downloader.Win32.Agent.luo skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0581789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0581790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0582786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0582789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0582790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0583786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0583789.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0583790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0584786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0584789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0584791.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0585786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP109\A0585789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0586786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0586789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0587786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0587789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0588786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0588789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0589786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0589789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0590786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0590789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0590791.sys Infected: Trojan-Downloader.Win32.Agent.lxa skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0590792.exe Infected: Trojan-Proxy.Win32.Agent.sh skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0591786.dll Infected: Trojan-Downloader.Win32.Mutant.bk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0591789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0592786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0592789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0593786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0593789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0594786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0594789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0595786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0595789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0596786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0596789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0597786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0597789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0598786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0598789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0599786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0599789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0600786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0600789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0601786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0601789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0602786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0602789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0603786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0603789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0604786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0604789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0605786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0605789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0606786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0606789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0607786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0607789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0608786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP110\A0608789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0609786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0609789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0610786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0610789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0611786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0611789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0612786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0612789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0613786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0613789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0614786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0614789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0615786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0615789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0615791.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0616786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0616789.sys Infected: Trojan.Win32.Agent.jud skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP111\A0617786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0617806.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0617807.exe Infected: Trojan-Downloader.Win32.Tiny.acp skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0619786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0620786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0621786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0622786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0623786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0624786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0625786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP112\A0626786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0627786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0628786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0629786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0630786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0631786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0632786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0633786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0634786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0635786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0636786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0637786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0638786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0639786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0640786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP113\A0641786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0642786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0643786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0644786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0645786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0646786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0647786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0648786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP114\A0649786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0650786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0651786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0652786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0653786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0654786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP115\A0655786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0656786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0657786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0658786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0659786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0660786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0661786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0662786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0663786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0664786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665790.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665791.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch.bg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665793.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665803.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cn skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665805.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665806.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ch skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665807.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch.bg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665808.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665810.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ck skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665811.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665814.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665815.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665818.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cm skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665822.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665824.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.cl skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665826.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665827.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ci skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0665830.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ca skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0666786.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0666787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0667786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0668786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0669786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0670786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0671786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP116\A0672786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0673786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0674786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0675786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0676786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0677786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP117\A0678786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP118\A0679786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP118\A0680786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP119\A0680796.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP119\A0682786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP119\A0683786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0684786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0685786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0686786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0687786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0688786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0689794.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0690786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0691786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP120\A0692786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP121\A0693786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP121\A0694786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP121\A0695786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP121\A0696786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP122\A0697786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP122\A0698786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP122\A0699786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP123\A0700786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP123\A0701786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP123\A0702786.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0703787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0704786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0704788.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0705786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0705787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0706786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0706787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0707786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0707787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0708786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP124\A0708787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0709786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0709788.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0710786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0710787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711796.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch.bg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711810.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cn skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711812.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711813.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ch skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711814.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch.bg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711815.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711817.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ck skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711818.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711821.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711822.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711825.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cm skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711829.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711831.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.cl skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0711833.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ci skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0712786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0712787.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ca skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0712788.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.cg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0712790.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.cc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0712793.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0713786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0713787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0714786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0714788.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0714800.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.cb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0715786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0715787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0716786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0716787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0717786.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP125\A0717787.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717888.dll Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717890.dll Infected: Trojan.Win32.BHO.gt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717891.dll Infected: Backdoor.Win32.Small.ccj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717893.dll Infected: Trojan-Downloader.Win32.Mutant.bj skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717894.sys Infected: Trojan.Win32.Inject.adt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP126\A0717901.exe Infected: Trojan.Win32.Inject.adq skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724790.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724791.exe Infected: Trojan-Dropper.Win32.Agent.cuv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724792.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724793.exe Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724794.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724795.dll Suspicious: Packed.Win32.Morphine.a skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724797.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724804.dll Suspicious: Packed.Win32.Morphine.a skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724806.exe Infected: Trojan-Dropper.Win32.Agent.cuv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724808.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724810.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724811.exe Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724812.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP127\A0724815.dll Infected: Trojan.Win32.Vapsup.fcy skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP131\change.log Object is locked skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP75\A0458839.sys Infected: Rootkit.Win32.Agent.jp skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP82\A0463792.sys Infected: Trojan-Downloader.Win32.Agent.ici skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP82\A0464786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP82\A0464789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0465786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0465791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0465793.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0466786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0466789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0466790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0466792.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0467786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0467789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP83\A0467790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0468786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0468789.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0468794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0468796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0469788.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0469792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0469794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0469796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0470788.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0470793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0470795.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0471786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0471789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0471791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0472786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0472789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0472791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0473786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0473789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0473791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0474786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0474789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0474791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0475786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0475789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0475791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0475795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0476786.dll Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0476789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0476791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0476797.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0476798.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0477786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0477789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0477791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0477796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0478786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0478790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0478792.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0479786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0479789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0479791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0480786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0480790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0480794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0480796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0481787.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0481790.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0481792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0482788.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0482791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0482793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0482796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0483786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0483789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0483791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0484786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0484789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0484791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP84\A0484799.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0485788.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0485791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0485793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0485797.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0486786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0486789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0486790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0487786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0487790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0487794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0488786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0488790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0488794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0489786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0489789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0489791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0489795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0490786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0490789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP85\A0490791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0491786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0491789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0491790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0491796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0492786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0492790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0492794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0492796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0493786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0493789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0493792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP86\A0493795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0493798.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.iuk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0493798.exe/stream Infected: Trojan-Downloader.Win32.Zlob.iuk skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0493798.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0494786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0494789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0494791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0495786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0495790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0495794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0496786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0496790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0496794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP87\A0496795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0497786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0497789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0497791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0498786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0498789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0498791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0499786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0499790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0499794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP88\A0499795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0499796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0500786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0500789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0500791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0501788.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0501791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0501792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0502788.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0502792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0502794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0503788.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0503792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0503795.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0503796.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0504786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0504789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0504791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0504795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0505786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0505790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP89\A0505794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0505797.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0506786.dll Infected: Trojan.Win32.Small.agv skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0506789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0506791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0507788.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0507793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0507795.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0508786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0508789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0508791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP90\A0508795.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0509786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0509790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0509792.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0510786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0510790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0510794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0511788.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0511791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0511793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0512786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0512789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0512791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0513786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0513790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0513794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0514788.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0514791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP91\A0514793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0515786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0515789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0515791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0516786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0516789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0516791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0517786.dll Infected: Trojan-Downloader.Win32.Agent.kep skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0517789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0517791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0518786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0518789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0518791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0519786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0519790.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP92\A0519791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0520787.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0520790.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0520792.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0521786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0521789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0521791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0522786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0522789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0522791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0523786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0523789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0523790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0524788.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0524791.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP93\A0524793.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0525786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0525789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0525791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0526786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0526790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0526794.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0527786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0527789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0527791.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0528786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0528789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP94\A0528790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0529786.dll Infected: Trojan-Downloader.Win32.Agent.kss skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0529789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0529790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0530786.dll Infected: Trojan-Downloader.Win32.Agent.kss skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0530789.sys Infected: Email-Worm.Win32.Agent.db skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0530790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0531786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0531789.sys Infected: Email-Worm.Win32.Agent.db skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0531790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0532786.dll Infected: Trojan-Downloader.Win32.Agent.kif skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0532789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0532790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0533786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0533789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0533790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0534786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0534789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0534790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0535786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0535789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0535790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0536786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0536789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0536790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0537786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0537789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0537790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0538786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0538789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0538790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0539786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0539789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP95\A0539790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP97\A0540786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP97\A0540789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP97\A0540790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP98\A0541786.dll Infected: Trojan-Downloader.Win32.Agent.kvg skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP98\A0541789.sys Infected: Email-Worm.Win32.Agent.e skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP98\A0541790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP99\A0542786.dll Infected: Trojan-Downloader.Win32.Agent.ldb skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP99\A0542787.dll Infected: Trojan.Win32.Agent.eub skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP99\A0542790.sys Infected: Rootkit.Win32.Agent.vc skipped C:\System Volume Information\_restore{ACC500EF-4158-48FB-B02B-888B1EFCE71F}\RP99\A0542792.sys Infected: Email-Worm.Win32.Agent.e skipped C:\WINDOWS\davrrx.exe Infected: Trojan-Downloader.Win32.Agent.fke skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\expacc.exe Infected: Trojan-Downloader.Win32.Diehard.ef skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{46F46970-5680-4FC7-9283-A4624C0F50DE}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\superproxy.exe Infected: Trojan-Proxy.Win32.Agent.sh skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\dumplog.exe Infected: Trojan-Dropper.Win32.Agent.drt skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\sp.exe Infected: Trojan-Proxy.Win32.Agent.sh skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\xnnnav.exe Infected: SpamTool.Win32.Agent.du skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.

#20 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 10:39 AM

how do i delete all those nasty trojans :wacko:

#21 RatHat

RatHat

    Retired Staff-Malware Expert

  • Authentic Member
  • PipPipPipPip
  • 816 posts

Posted 17 May 2008 - 11:23 AM

Not quite so many as you might think, so lets run another Combofix script to get rid of them.

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe
C:\Documents and Settings\mum\My Documents\My Received Files\picts-2604.zip
C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\riched20.dll
C:\WINDOWS\davrrx.exe
C:\WINDOWS\expacc.exe
C:\WINDOWS\superproxy.exe
C:\WINDOWS\system32\drivers\dumplog.exe
C:\WINDOWS\system32\sp.exe
C:\WINDOWS\xnnnav.exe
C:\WINDOWS\system32\umgmknyj.dll
C:\WINDOWS\system32\iaixbagg.ini

Folder::
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited


3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new HijackThis log.
Regards,
RatHat

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Want to join the fight against Malware? Click here to find out how.

Please do not PM me asking for support. Post on the forums instead :)
Please post the final results, good or bad. We like to know!

Posted Image

If you feel I have helped you and would like to make a small donation, please click here

#22 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 11:42 AM

will do it now , thanx

#23 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 12:12 PM

heres the combofix



ComboFix 08-05-15.3 - mum 2008-05-17 18:44:29.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.50 [GMT 1:00]
Running from: C:\Documents and Settings\mum\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\mum\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe
C:\Documents and Settings\mum\My Documents\My Received Files\picts-2604.zip
C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\riched20.dll
C:\WINDOWS\davrrx.exe
C:\WINDOWS\expacc.exe
C:\WINDOWS\superproxy.exe
C:\WINDOWS\system32\drivers\dumplog.exe
C:\WINDOWS\system32\iaixbagg.ini
C:\WINDOWS\system32\sp.exe
C:\WINDOWS\system32\umgmknyj.dll
C:\WINDOWS\xnnnav.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Adsl Software Limited
C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\mum\My Documents\My Received Files\picts-2604.zip
C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\riched20.dll
C:\WINDOWS\davrrx.exe
C:\WINDOWS\expacc.exe
C:\WINDOWS\superproxy.exe
C:\WINDOWS\system32\drivers\dumplog.exe
C:\WINDOWS\system32\iaixbagg.ini
C:\WINDOWS\system32\sp.exe
C:\WINDOWS\system32\umgmknyj.dll
C:\WINDOWS\xnnnav.exe

----- BITS: Possible infected sites -----

hxxp://au.doõj
.
((((((((((((((((((((((((( Files Created from 2008-04-17 to 2008-05-17 )))))))))))))))))))))))))))))))
.

2008-05-17 12:38 . <DIR> C:\WINDOWS\LastGood.Tmp
2008-05-17 12:18 . 2008-05-17 12:18 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-17 12:18 . 2008-05-17 12:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-16 22:29 . 2008-05-16 23:43 <DIR> d-------- C:\SDFix
2008-05-16 22:02 . 2008-05-16 22:02 <DIR> d-------- C:\WINDOWS\ERUNT
2008-05-16 17:30 . 2008-05-16 17:30 <DIR> d-------- C:\Documents and Settings\mum\Application Data\Malwarebytes
2008-05-16 17:27 . 2008-05-16 17:28 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-16 17:27 . 2008-05-16 17:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-16 17:27 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-16 17:27 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-13 15:44 . 2008-05-16 15:56 <DIR> d-------- C:\Documents and Settings\mum\Application Data\TmpRecentIcons
2008-05-03 19:34 . 2008-03-01 14:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-03 19:34 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-03 19:34 . 2007-03-08 06:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-03 19:34 . 2008-03-01 14:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-03 19:34 . 2008-03-01 14:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-03 19:34 . 2008-03-01 14:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-03 19:34 . 2008-03-01 14:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-03 19:34 . 2008-03-01 14:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-03 19:34 . 2008-02-22 11:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-16 14:48 --------- d-----w C:\Program Files\Trend Micro
2008-05-07 23:34 53,192 ----a-w C:\WINDOWS\system32\drivers\rp_skt32.sys
2008-04-09 13:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-17 16:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-17 16:18 --------- d-----w C:\Program Files\DS-3200 Wireless Optical Slimline Deskset
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2005-03-31 22:17 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((( snapshot@2008-05-16_18.34.39.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-16 17:19:08 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-17 17:51:17 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-13 01:55:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-05-16 21:31:28 3,391,488 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
+ 2008-05-16 21:31:28 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
+ 2008-05-13 01:55:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-05-16 21:02:25 577,536 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT
+ 2008-05-16 21:02:25 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat
- 2008-05-16 17:19:23 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-05-16 21:27:56 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-05-16 17:19:23 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-05-16 21:27:56 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-05-16 17:19:23 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-16 21:27:56 81,920 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 13:00 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 15:09 61168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 18:35 32768]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-06-10 15:20 1397760]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"SNPSTD2"="C:\WINDOWS\vsnpstd2.exe" [2004-01-05 19:34 40960]
"WireLessMouse"="C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe" [2005-08-30 15:35 303104]
"WireLessKeyboard"="C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe" [2005-08-30 11:51 319488]
"PCguard"="C:\Program Files\Virgin Broadband\PCguard\RPS.exe" [2007-09-05 15:10 310000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe" [2007-09-05 15:09 61168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

C:\Documents and Settings\mum\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\-FreedomNeedsReboot]
--a------ 2007-09-05 15:10 13552 C:\Program Files\Virgin Broadband\PCguard\ZkRunOnceR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadbandadvisor.exe]
--a------ 2007-08-07 19:49 2061552 C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dumprep]
C:\WINDOWS\system32\spoolc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCguard]
--a------ 2007-09-05 15:10 310000 C:\Program Files\Virgin Broadband\PCguard\Rps.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 AntiSpyFilter;AntiSpyFilter;C:\WINDOWS\system32\DRIVERS\antispyfilter.sys [2007-08-30 19:08]
S3 FXDRV;FXDRV;E:\Fxdrv.sys []
S3 INFUSB;INFUSB;C:\WINDOWS\system32\drivers\infusb.sys [2007-09-11 12:38]
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-05-05 20:46]
S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-17 14:47]
S3 Radialpoint Security Services;Virgin Broadband PCguard;C:\WINDOWS\system32\dllhost.exe [2006-02-28 13:00]
S3 snpstd2;USB PC Camera (SN9C103);C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-03-22 22:31]

.
Contents of the 'Scheduled Tasks' folder
"2008-05-17 17:30:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-05-08 02:00:17 C:\WINDOWS\Tasks\MacroVirus Scheduled Scan.job"
- C:\Program Files\MacroVirus\MacroVirus.ex
- C:\Program Files\MacroVirus
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-17 18:52:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterr.exe
.
**************************************************************************
.
Completion time: 2008-05-17 19:01:29 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-17 18:01:16
ComboFix2.txt 2008-05-17 10:20:26
ComboFix3.txt 2008-05-17 00:21:44
ComboFix4.txt 2008-05-16 17:41:20

Pre-Run: 34,085,535,744 bytes free
Post-Run: 34,075,525,120 bytes free

195 --- E O F --- 2008-05-04 22:58:30




and heres the hijackthis



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:14, on 17/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Virgin Broadband\PCguard\Fws.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Virgin Broadband\PCguard\rpsupdaterR.exe
C:\Program Files\Virgin Broadband\PCguard\RPS.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.c...uth.srf?lc=2057
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\DS-3200 Wireless Optical Slimline Deskset\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [lanmanwrk.exe clean] C:\WINDOWS\System32\lanmanwrk.exe clean
O4 - HKLM\..\Run: [KernelDrv.exe clean] C:\WINDOWS\System32\KernelDrv.exe clean
O4 - HKLM\..\Run: [PCguard] C:\Program Files\Virgin Broadband\PCguard\RPS.exe
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\Virgin Broadband\PCguard\IdxClnR.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=67633
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...p1.0.0.15-3.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiSpyware Scanning Engine (AntiSpywareSrv) - Unknown owner - (no file)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Virgin Broadband PCguard Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Virgin Broadband\PCguard\rpsupdaterR.exe
O23 - Service: PCguard Firewall (RP_FWS) - Virgin Media - C:\Program Files\Virgin Broadband\PCguard\Fws.exe

--
End of file - 6767 bytes

#24 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 02:37 PM

where has my good freind gone? im going blind staring at this screen for 5 hours now :smack: , only playing , i no a genius needs a break every now and again :notworthy:

#25 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 17 May 2008 - 03:53 PM

ok, i will be back on in the morning sometime , hope to see you then , thanks for the help so far x

    Advertisements

Register to Remove

#26 RatHat

RatHat

    Retired Staff-Malware Expert

  • Authentic Member
  • PipPipPipPip
  • 816 posts

Posted 17 May 2008 - 07:07 PM

That's got rid of some more Junk, now lets run an F-Secure online scan for Viruses, Spyware and RootKits:
  • Go to http://support.f-sec.../home/ols.shtml
  • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
  • Allow the Active X control to be installed on your computer, then click the Accept button
  • Click Full System Scan and allow the components to download and the scan to complete.
  • If malware is found, check Submit samples to F-Secure then select Automatic cleaning
  • When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post
If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan
  • When the cleaning option is presented, Uncheck Submit samples to F-Secure
  • Click Automatic cleaning
  • When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post
Notes:
  • This scan will only work with Internet Explorer
  • You must have administrator rights to run this scan
  • This scan can take a while, so please be patient

Regards,
RatHat

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Want to join the fight against Malware? Click here to find out how.

Please do not PM me asking for support. Post on the forums instead :)
Please post the final results, good or bad. We like to know!

Posted Image

If you feel I have helped you and would like to make a small donation, please click here

#27 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 18 May 2008 - 09:07 AM

Scanning Report Sunday, May 18, 2008 12:30:10 - 16:06:05 Computer name: DESKTOP-FF5A152 Scanning type: Scan system for malware, rootkits Target: C:\ F:\ Result: 1 malware found Tracking Cookie (spyware) * System Statistics Scanned: * Files: 26140 * System: 3211 * Not scanned: 7 Actions: * Disinfected: 0 * Renamed: 0 * Deleted: 0 * None: 1 * Submitted: 0 Files not scanned: * C:\PAGEFILE.SYS * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT * C:\WINDOWS\SYSTEM32\CONFIG\SAM * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM * C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D953EDA3E26304D35E06E3F99844845B_8BFD4C7E-3AA0-404C-83C7-BA6E0C400EA4 Options Scanning engines: * F-Secure USS: 2.30.0 * F-Secure Hydra: 2.8.8110, 2008-05-17 * F-Secure AVP: 7.0.171, 2008-05-18 * F-Secure Pegasus: 1.20.0, 2008-04-15 * F-Secure Blacklight: 1.0.68 Scanning options: * Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR * Use Advanced heuristics Copyright © 1998-2007 Product support |Send virus sample to F-Secure F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

#28 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 18 May 2008 - 12:24 PM

have i done it right?

#29 mchash12345

mchash12345

    Authentic Member

  • Authentic Member
  • PipPip
  • 21 posts

Posted 18 May 2008 - 03:14 PM

is my man comming back to help me ? :popcorn:

#30 RatHat

RatHat

    Retired Staff-Malware Expert

  • Authentic Member
  • PipPipPipPip
  • 816 posts

Posted 18 May 2008 - 06:04 PM

I'm still here, had to take my daughter out to the beach though, so a busy day yesterday!

OK, lets uninstall Combofix:
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the /u, it needs to be there.
    Posted Image

Now could you run ATF Cleaner again, as outlined in my first post. Then post me a fresh HijackThis log, and let me know how your computer is behaving now.

Regards,
RatHat

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Want to join the fight against Malware? Click here to find out how.

Please do not PM me asking for support. Post on the forums instead :)
Please post the final results, good or bad. We like to know!

Posted Image

If you feel I have helped you and would like to make a small donation, please click here

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·