PDA

View Full Version : Virtumonde on my system, please help.



inaph
2007-08-23, 04:01
I ran a trend micro scan and it acts like it's removing Virtumonde but s&d still finds it. The computer in question is offline and in order to post the av log I would need to transfer it to a floppy and post from this system. I can do that if necessary but I'd have to buy some floppies seeing as I have none around :( . Please let me know. Meanwhile here it is...

Logfile of HijackThis v1.99.1
Scan saved at 8:15:22 PM, on 8/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Macro Express3\MacExp.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Corel\Corel Graphics 12\PROGRAMS\CORELDRW.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\system32\xevbgsho.exe
C:\WINDOWS\system32\vuueoadk.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\kiksboov.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Dc inc.
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [bryidzzA] C:\WINDOWS\bryidzzA.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\wciaqoxv.dll",forkonce
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.drivecleaner.com
O15 - Trusted Zone: *.errorprotector.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.systemdoctor.com
O15 - Trusted Zone: *.winantispyware.com
O15 - Trusted Zone: *.winantivirus.com
O15 - Trusted Zone: *.winfixer.com
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://acrmainsrv:4343/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://acrmainsrv:4343/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://acrmainsrv:4343/officescan/console/ClientInstall/setup.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://acrmainsrv:4343/SMB/console/html/root/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://acrmainsrv:4343/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/eng/poker_2_0_0_47.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = acr.dcinc
O17 - HKLM\Software\..\Telephony: DomainName = acr.dcinc
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = acr.dcinc
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

teacup61
2007-08-23, 16:04
Hello inaph,

Welcome to Safer Networking Forums :)

1. Download this file - combofix.exe (http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe)
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.

Thanks,
tea

inaph
2007-08-23, 20:42
Thanks tea, did as you suggested (holy cow combofix deleted a bunch of crap, great).. Tried to post results and I get the following error msg from the forum.

The text that you have entered is too long (60607 characters). Please shorten it to 20000 characters long.

I read in the sticky not to attach logs but to put them in the body of the post. Awaiting further instruction.

Thanks again,
inaph

teacup61
2007-08-24, 05:52
Hello,

You're welcome. :) How is it running?

Use as many posts as it takes. I really need to see that log, please. :) Still quite a bit to do.

Thank you!
tea

inaph
2007-08-24, 18:09
The system is running much better... like night and day. Here are the logs as requested.

ComboFix 07-08-23.5 - "kennyh" 2007-08-23 12:28:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.204 [GMT -4:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ADMINI~1.SCR\APPLIC~1\microsoft\internet explorer\quick launch\intern~1.lnk
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\winantispyware 2007
C:\DOCUME~1\kennyh\err.log
C:\DOCUME~1\kennyh\STARTM~1\Programs.\Outerinfo
C:\DOCUME~1\kennyh\STARTM~1\Programs.\Outerinfo\Terms.lnk
C:\DOCUME~1\kennyh\STARTM~1\Programs.\Outerinfo\Uninstall.lnk
C:\Program Files\Common Files\racle~1
C:\Program Files\Common Files\racle~1\?racle\
C:\Program Files\Common Files\WinAntiSpyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Online Services\qufaqygi.dll
C:\Program Files\outerinfo
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\TTC.dll
C:\Program Files\WinAntiSpyware 2007
C:\Program Files\winantispyware 2007\Activate.dat
C:\Program Files\winantispyware 2007\appupdate.dat
C:\Program Files\winantispyware 2007\AsAgents.xml
C:\Program Files\winantispyware 2007\atl71.dll
C:\Program Files\winantispyware 2007\AutoProcess.dat
C:\Program Files\winantispyware 2007\bnlink.dat
C:\Program Files\winantispyware 2007\database\enemies.dat
C:\Program Files\winantispyware 2007\database\knownfiles.dat
C:\Program Files\winantispyware 2007\database\TEBase.dat
C:\Program Files\winantispyware 2007\database\vbpv.dat
C:\Program Files\winantispyware 2007\dbupdate.dat
C:\Program Files\winantispyware 2007\fopnl.dll
C:\Program Files\winantispyware 2007\InstHelp.exe
C:\Program Files\winantispyware 2007\InstUp.exe
C:\Program Files\winantispyware 2007\lapv.dat
C:\Program Files\winantispyware 2007\license.rtf
C:\Program Files\winantispyware 2007\manual.pdf
C:\Program Files\winantispyware 2007\manual.url
C:\Program Files\winantispyware 2007\mfc71.dll
C:\Program Files\winantispyware 2007\msvcp71.dll
C:\Program Files\winantispyware 2007\msvcr71.dll
C:\Program Files\winantispyware 2007\ps.dat
C:\Program Files\winantispyware 2007\pv.dat
C:\Program Files\winantispyware 2007\quaratine.dat\#post_quarantine
C:\Program Files\winantispyware 2007\readme.rtf
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\04873279f88d423424300f91\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\04873279f88d423424300f91\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\16279b6198954b4cbf1c9bb1\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\16279b6198954b4cbf1c9bb1\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1a2993c09a9149f9d981488c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1a2993c09a9149f9d981488c\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1be3d7aa9cf54d265d85e2ac\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1be3d7aa9cf54d265d85e2ac\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1f400b593cbc4c76469f7794\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\1f400b593cbc4c76469f7794\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\235ec5c7ea984610c2826ab2\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\235ec5c7ea984610c2826ab2\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\2457fc8d3b9240bec997f7b8\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\2edf6f599c294c693c6d44a5\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\2edf6f599c294c693c6d44a5\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\2ef0358b12044590a56347be\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\35645dce55b443e4bcb72cae\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\36507559908c41cd50a0649a\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\377b77935f314bb396a7fcae\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\377b77935f314bb396a7fcae\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\37ac13546d8b4499744030b9\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\410b7d8ac87c4a6a5b434d84\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\410b7d8ac87c4a6a5b434d84\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4217bbb18c4445a6746c99b4\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4217bbb18c4445a6746c99b4\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\421d4bf88be546c107b68088\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\421d4bf88be546c107b68088\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4282a6df52a6427e58ccf193\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4282a6df52a6427e58ccf193\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4bf066a54b1347872144d6bb\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4bf066a54b1347872144d6bb\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\4bf066a54b1347872144d6bb\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\50d274e2fe1740c96832a9bc\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\50d274e2fe1740c96832a9bc\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\55ca8087703742034e3a09b6\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\55ca8087703742034e3a09b6\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\5711446565bc428d2ca2909f\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\5711446565bc428d2ca2909f\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\6e8fb70d804c44b517bcca93\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\718bf5ac16ee49038b721db4\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\718bf5ac16ee49038b721db4\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\78ae5874bc14448a0ccb559f\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\78ae5874bc14448a0ccb559f\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\79b1651bbbd04bdd1a167c9a\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\7c2df913f764407c69411181\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\7c2df913f764407c69411181\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\7c85194a2ec84a30df68189a\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\7c85194a2ec84a30df68189a\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8155628881674d07cf303489\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8155628881674d07cf303489\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\88955997713b4ed60dde99a9\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\88ac4eee80014ce6c09403b6\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\88ac4eee80014ce6c09403b6\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8b4cea3f13554cce020932a0\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8b4cea3f13554cce020932a0\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8baa43906966464ab6d58aa6\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8cfe656d4bec4e2a70ee2e82\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\8cfe656d4bec4e2a70ee2e82\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\a363a8e06be049c0c8832ca1\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\a363a8e06be049c0c8832ca1\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\a981d323c3664856c81443a0\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\aad16bc396134f69249048a4\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\aad16bc396134f69249048a4\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\aff3a18688fb4c0e71a14f81\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\b4522c47cf104bbd70fd018a\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\b4522c47cf104bbd70fd018a\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\bab2b974eebe487c7853a799\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\bab2b974eebe487c7853a799\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\bab2b974eebe487c7853a799\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\c0f5a39b9a094d3ff67ac38c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\c28077cf999e41a613adfe93\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\c59d6e9f919b4a85f9f39bab\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\c59d6e9f919b4a85f9f39bab\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\cc99c0b49ff747bf8ec7cab8\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\d0c720ecc6db4913623e4eb5\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\d0c720ecc6db4913623e4eb5\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\d43f289ecb054896bfedaf8c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\d43f289ecb054896bfedaf8c\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\e87d6ae17a50489b804f6eb6\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\e87d6ae17a50489b804f6eb6\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\ecf5cc6fddec4df4569d9986\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\ecf5cc6fddec4df4569d9986\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\f2944f9f36344325b69ced9d\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\f2944f9f36344325b69ced9d\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\f4232d2050784d887d9aeda9\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\f4232d2050784d887d9aeda9\#startup
C:\Program Files\winantispyware 2007\RTMonitor.dat\9ce5252b3f554d1a465f4199\fe8c8c07348442cdd229a489\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\2751d8788d374c176bb2b6a0\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\2751d8788d374c176bb2b6a0\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\2751d8788d374c176bb2b6a0\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\74ef9fa076eb4259f68c8cae\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\74ef9fa076eb4259f68c8cae\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\74ef9fa076eb4259f68c8cae\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\d0e7ad2a690d403224d47eaf\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\d0e7ad2a690d403224d47eaf\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\09a2984f82bf48789fabb292\d0e7ad2a690d403224d47eaf\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\09d4ed36c83f4325013792bf\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\09d4ed36c83f4325013792bf\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\09d4ed36c83f4325013792bf\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\09d4ed36c83f4325013792bf\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\0ce5a00f3abf46c43ee8bdba\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\0ce5a00f3abf46c43ee8bdba\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\0ce5a00f3abf46c43ee8bdba\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1119af28485e42bffd77ddab\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1119af28485e42bffd77ddab\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1119af28485e42bffd77ddab\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1119af28485e42bffd77ddab\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1261b86b22fd40ea6458a0aa\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1261b86b22fd40ea6458a0aa\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1261b86b22fd40ea6458a0aa\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1261b86b22fd40ea6458a0aa\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\16da34c436b148e8f19accbb\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\16da34c436b148e8f19accbb\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\16da34c436b148e8f19accbb\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\16da34c436b148e8f19accbb\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1d74404207914a5ef68aafaf\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1d74404207914a5ef68aafaf\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1d74404207914a5ef68aafaf\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\1d74404207914a5ef68aafaf\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\23d7d232b4d74a64113a7fba\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\23d7d232b4d74a64113a7fba\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\23d7d232b4d74a64113a7fba\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\27b9068ad3c449eaf038e2a9\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\27b9068ad3c449eaf038e2a9\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\27b9068ad3c449eaf038e2a9\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\2f8c635fc86341841d7ab89d\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\2f8c635fc86341841d7ab89d\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\2f8c635fc86341841d7ab89d\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\378fd11e09f7429fe801c3ad\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\378fd11e09f7429fe801c3ad\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\378fd11e09f7429fe801c3ad\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\37f5f01cfc8049a3f27136b4\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\37f5f01cfc8049a3f27136b4\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\37f5f01cfc8049a3f27136b4\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\3f6f2d712f64457f6c83fe8d\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\3f6f2d712f64457f6c83fe8d\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\3f6f2d712f64457f6c83fe8d\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\3f6f2d712f64457f6c83fe8d\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\46935214a4da48717dc1619b\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\46935214a4da48717dc1619b\#internal

inaph
2007-08-24, 18:11
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\46935214a4da48717dc1619b\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\47b14499bda34b897a39ceb5\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\47b14499bda34b897a39ceb5\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\47b14499bda34b897a39ceb5\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\47b14499bda34b897a39ceb5\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4b01a767417d4cef23e24ca3\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4b01a767417d4cef23e24ca3\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4b01a767417d4cef23e24ca3\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4d546dba636f450f5c6ac3b2\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4d546dba636f450f5c6ac3b2\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4d546dba636f450f5c6ac3b2\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\4d546dba636f450f5c6ac3b2\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\66902ff9661d4ed669fe5b90\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\66902ff9661d4ed669fe5b90\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\66902ff9661d4ed669fe5b90\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\6ebc0a861e3745ccf880deba\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\6ebc0a861e3745ccf880deba\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\6ebc0a861e3745ccf880deba\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73339efe64c24bc8961bfaa8\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73339efe64c24bc8961bfaa8\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73339efe64c24bc8961bfaa8\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73d39d9a1982474e5e32dbb1\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73d39d9a1982474e5e32dbb1\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73d39d9a1982474e5e32dbb1\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73d39d9a1982474e5e32dbb1\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73f3af75c3bf49c4680cf7a4\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73f3af75c3bf49c4680cf7a4\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73f3af75c3bf49c4680cf7a4\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\73f3af75c3bf49c4680cf7a4\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\777b71c138d34f74b4b76fa6\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\777b71c138d34f74b4b76fa6\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\777b71c138d34f74b4b76fa6\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8aae9bcb50c44db58870e087\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8aae9bcb50c44db58870e087\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8aae9bcb50c44db58870e087\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8aae9bcb50c44db58870e087\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8dafa690c3144cc9f0874791\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8dafa690c3144cc9f0874791\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\8dafa690c3144cc9f0874791\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\9089ce108de344c48a2e038b\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\9089ce108de344c48a2e038b\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\9089ce108de344c48a2e038b\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\9089ce108de344c48a2e038b\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a19b11909dc947e00c891a81\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a19b11909dc947e00c891a81\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a19b11909dc947e00c891a81\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a19b11909dc947e00c891a81\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a5c2430853a84f46c03c6596\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a5c2430853a84f46c03c6596\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\a5c2430853a84f46c03c6596\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\adc03e3a8e4a421a43482e9b\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\adc03e3a8e4a421a43482e9b\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\adc03e3a8e4a421a43482e9b\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\adc03e3a8e4a421a43482e9b\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\b05dcaff190d4ce07a5aa683\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\b05dcaff190d4ce07a5aa683\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\b05dcaff190d4ce07a5aa683\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\be3684f3f4734d9219433289\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\be3684f3f4734d9219433289\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\be3684f3f4734d9219433289\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\bf694d434b3c4f865d532da5\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\bf694d434b3c4f865d532da5\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\bf694d434b3c4f865d532da5\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cf3aadea35b940e5fd559bbe\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cf3aadea35b940e5fd559bbe\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cf3aadea35b940e5fd559bbe\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cfd84c4ef9d7438394d47c97\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cfd84c4ef9d7438394d47c97\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\cfd84c4ef9d7438394d47c97\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\dfd80fc5a69640eb5337e1bd\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\dfd80fc5a69640eb5337e1bd\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\dfd80fc5a69640eb5337e1bd\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\dfd80fc5a69640eb5337e1bd\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\e690f14e46a24597460dd39c\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\e690f14e46a24597460dd39c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\e690f14e46a24597460dd39c\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ecf1b439974543095c46cca8\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ecf1b439974543095c46cca8\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ecf1b439974543095c46cca8\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ee30645256a546ec8b8e558d\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ee30645256a546ec8b8e558d\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ee30645256a546ec8b8e558d\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f3dd27b224d94f8b67fc35b7\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f3dd27b224d94f8b67fc35b7\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f3dd27b224d94f8b67fc35b7\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f3dd27b224d94f8b67fc35b7\kennyh
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f60a10622a214aa06b69cf8c\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f60a10622a214aa06b69cf8c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f60a10622a214aa06b69cf8c\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f92ccc54c5a945abed4eb3bc\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f92ccc54c5a945abed4eb3bc\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\f92ccc54c5a945abed4eb3bc\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\faa9049debdd4cddd4c68c8f\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\faa9049debdd4cddd4c68c8f\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\faa9049debdd4cddd4c68c8f\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fac1e4d087234abdf4a84dbe\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fac1e4d087234abdf4a84dbe\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fac1e4d087234abdf4a84dbe\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fb23ca735ca4406b0d7fa19b\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fb23ca735ca4406b0d7fa19b\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\fb23ca735ca4406b0d7fa19b\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ff560a34791049d2b2e202b0\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ff560a34791049d2b2e202b0\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\1e2cac0418aa4c5bbe141bb8\ff560a34791049d2b2e202b0\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\29e295869a5a484deadf5d93\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\29e295869a5a484deadf5d93\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\29e295869a5a484deadf5d93\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\44d9cc9cc2444877d9a177b1\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\44d9cc9cc2444877d9a177b1\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\44d9cc9cc2444877d9a177b1\#name
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\663285d9534a4de67d78ba9c\#data
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\663285d9534a4de67d78ba9c\#internal
C:\Program Files\winantispyware 2007\RTMonitor.dat\f00249601bd04f21c208f5aa\a81930e19f974fb31020d8b7\663285d9534a4de67d78ba9c\#name

inaph
2007-08-24, 18:12
C:\Program Files\winantispyware 2007\scanlog.xml
C:\Program Files\winantispyware 2007\settings.ini
C:\Program Files\winantispyware 2007\shellext.xml
C:\Program Files\winantispyware 2007\sr.log
C:\Program Files\winantispyware 2007\Summary.dat
C:\Program Files\winantispyware 2007\support.url
C:\Program Files\winantispyware 2007\tasks.dat
C:\Program Files\winantispyware 2007\threatnet.dat
C:\Program Files\winantispyware 2007\threatnet.ini
C:\Program Files\winantispyware 2007\unins000.dat
C:\Program Files\winantispyware 2007\unins000.exe
C:\Program Files\winantispyware 2007\uninstall.ico
C:\Program Files\winantispyware 2007\UnWizard.exe
C:\Program Files\winantispyware 2007\unwizard.xml
C:\Program Files\winantispyware 2007\up.dat
C:\Program Files\winantispyware 2007\updater.dat
C:\Program Files\winantispyware 2007\WAS7.url
C:\Program Files\winantispyware 2007\WAS7.xml
C:\Program Files\WindowsUpdate\mesowi4444.dll
C:\Program Files\WindowsUpdate\mesowi83122.dll
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fse
C:\Temp\fse\tmpZTF.log
C:\WINDOWS\asks~1
C:\WINDOWS\bryidzz.exe
C:\WINDOWS\bryidzzA.exe
C:\WINDOWS\setup.exe
C:\WINDOWS\system32\abipaxcp.exe
C:\WINDOWS\system32\aewfxden.exe
C:\WINDOWS\system32\aeykhiou.exe
C:\WINDOWS\system32\agujopvw.exe
C:\WINDOWS\system32\ajkvdmeo.exe
C:\WINDOWS\system32\ajooatyv.exe
C:\WINDOWS\system32\amhrdhew.exe
C:\WINDOWS\system32\avwcshkx.exe
C:\WINDOWS\system32\awrfdjip.exe
C:\WINDOWS\system32\awtqpmk.dll
C:\WINDOWS\system32\besvmaeo.exe
C:\WINDOWS\system32\bffcvybp.exe
C:\WINDOWS\system32\bfkoikit.exe
C:\WINDOWS\system32\bnjmaejm.exe
C:\WINDOWS\system32\bnrpnqmj.exe
C:\WINDOWS\system32\bqjtspic.exe
C:\WINDOWS\system32\bqtlenak.exe
C:\WINDOWS\system32\brtkblnr.exe
C:\WINDOWS\system32\bsfitbyq.exe
C:\WINDOWS\system32\burlxqdc.exe
C:\WINDOWS\system32\cbmlnduy.exe
C:\WINDOWS\system32\celbxfpb.exe
C:\WINDOWS\system32\cigxbcwn.exe
C:\WINDOWS\system32\cketnwgk.exe
C:\WINDOWS\system32\cmfypoxs.ini
C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup
C:\WINDOWS\system32\configs
C:\WINDOWS\system32\configs\kmhp83122.exe
C:\WINDOWS\system32\csqmoipn.exe
C:\WINDOWS\system32\cvapelwu.exe
C:\WINDOWS\system32\dckoujcw.exe
C:\WINDOWS\system32\ddayw.dll
C:\WINDOWS\system32\ddddspgg.exe
C:\WINDOWS\system32\ddewnlxv.exe
C:\WINDOWS\system32\dfwojhci.exe
C:\WINDOWS\system32\driver
C:\WINDOWS\system32\driver\w717.exe
C:\WINDOWS\system32\drivers\ApiMon.sys
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\dwjtobbq.exe
C:\WINDOWS\system32\egwuuicm.exe
C:\WINDOWS\system32\eievxnjl.exe
C:\WINDOWS\system32\eivocblb.exe
C:\WINDOWS\system32\ejejysvq.exe
C:\WINDOWS\system32\ekordjcq.exe
C:\WINDOWS\system32\enogcocl.exe
C:\WINDOWS\system32\enphppnu.exe
C:\WINDOWS\system32\epslooff.exe
C:\WINDOWS\system32\eswwokcf.exe
C:\WINDOWS\system32\eujmmyao.exe
C:\WINDOWS\system32\euxuioeg.exe
C:\WINDOWS\system32\evmqhejm.exe
C:\WINDOWS\system32\evwkitjr.exe
C:\WINDOWS\system32\ewqldtbh.exe
C:\WINDOWS\system32\eyqloshg.exe
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\system32\F2
C:\WINDOWS\system32\F3
C:\WINDOWS\system32\fhfhgolc.exe
C:\WINDOWS\system32\fjiucjmp.exe
C:\WINDOWS\system32\fjydirhp.exe
C:\WINDOWS\system32\fpaccykj.exe
C:\WINDOWS\system32\fpqmrrix.exe
C:\WINDOWS\system32\fqptoclq.exe
C:\WINDOWS\system32\frwgxmyv.exe
C:\WINDOWS\system32\fvvxswoi.exe
C:\WINDOWS\system32\fxkkbbxd.exe
C:\WINDOWS\system32\fycwtrfp.exe
C:\WINDOWS\system32\gcqxgbgx.exe
C:\WINDOWS\system32\gdfophfm.exe
C:\WINDOWS\system32\ggliuxpq.exe
C:\WINDOWS\system32\giaujcax.exe
C:\WINDOWS\system32\gkqeayou.exe
C:\WINDOWS\system32\goqrhkdk.exe
C:\WINDOWS\system32\gosukaga.exe
C:\WINDOWS\system32\gryrjkfk.exe
C:\WINDOWS\system32\gscvudrq.exe
C:\WINDOWS\system32\gxucwqup.exe
C:\WINDOWS\system32\haenxxqs.exe
C:\WINDOWS\system32\hgghhif.dll
C:\WINDOWS\system32\hjtnsxfb.exe
C:\WINDOWS\system32\hnbfxirq.exe
C:\WINDOWS\system32\hpdpajep.exe
C:\WINDOWS\system32\hqrprpsw.exe
C:\WINDOWS\system32\hqtjxyyr.exe
C:\WINDOWS\system32\hxxphswt.exe
C:\WINDOWS\system32\hyjkxiye.exe
C:\WINDOWS\system32\iarcgbpd.exe
C:\WINDOWS\system32\ieddhmvf.exe
C:\WINDOWS\system32\ieqmgegb.exe
C:\WINDOWS\system32\igouqpbt.exe
C:\WINDOWS\system32\ihlefxer.exe
C:\WINDOWS\system32\ijubuahm.exe
C:\WINDOWS\system32\iolwxwal.exe
C:\WINDOWS\system32\iwwugehv.exe
C:\WINDOWS\system32\jceiljuc.exe
C:\WINDOWS\system32\jedhachi.exe
C:\WINDOWS\system32\jhyxqhtd.exe
C:\WINDOWS\system32\jkmoomjq.exe
C:\WINDOWS\system32\jncwvarn.exe
C:\WINDOWS\system32\jodqemel.exe
C:\WINDOWS\system32\jonxmgid.exe
C:\WINDOWS\system32\jqnfgjri.exe
C:\WINDOWS\system32\jyhcejdg.exe
C:\WINDOWS\system32\katomueu.exe
C:\WINDOWS\system32\kclgnpuj.exe
C:\WINDOWS\system32\kdspwdkp.exe
C:\WINDOWS\system32\kiksboov.exe
C:\WINDOWS\system32\kjxtginc.exe
C:\WINDOWS\system32\kkbkwhli.exe
C:\WINDOWS\system32\kkvgqiec.exe
C:\WINDOWS\system32\kvfnekrm.exe
C:\WINDOWS\system32\lcesnkgl.exe
C:\WINDOWS\system32\lefqhcoi.exe
C:\WINDOWS\system32\leiuprlh.exe
C:\WINDOWS\system32\lgqgnjdg.exe
C:\WINDOWS\system32\lgrcrawc.exe
C:\WINDOWS\system32\liyqlrbd.exe
C:\WINDOWS\system32\ljdgixfr.exe
C:\WINDOWS\system32\lmilderd.exe
C:\WINDOWS\system32\lobgjfwx.exe
C:\WINDOWS\system32\lpaorrmr.exe
C:\WINDOWS\system32\ltfaxoxu.exe
C:\WINDOWS\system32\ltnfndml.exe
C:\WINDOWS\system32\lublmnfj.exe
C:\WINDOWS\system32\luhgvqbx.exe
C:\WINDOWS\system32\lwlwcjxe.exe
C:\WINDOWS\system32\lxdcuxod.exe
C:\WINDOWS\system32\meggxfrj.exe
C:\WINDOWS\system32\mgvhiuxx.exe
C:\WINDOWS\system32\mipnfnjh.exe
C:\WINDOWS\system32\mnuebabo.exe
C:\WINDOWS\system32\mpcsdqfc.exe
C:\WINDOWS\system32\mtsnyewl.exe
C:\WINDOWS\system32\mwmqxajy.exe
C:\WINDOWS\system32\ncfoswpy.exe
C:\WINDOWS\system32\neukwaop.exe
C:\WINDOWS\system32\ngbfhvnc.exe
C:\WINDOWS\system32\nljhpcop.exe
C:\WINDOWS\system32\nobuiaxb.exe
C:\WINDOWS\system32\nwjxlytl.exe
C:\WINDOWS\system32\oashikcs.exe
C:\WINDOWS\system32\obmumbva.exe
C:\WINDOWS\system32\obqicwgn.exe
C:\WINDOWS\system32\ofpbinit.exe
C:\WINDOWS\system32\ogmjdjvb.exe
C:\WINDOWS\system32\oinoumtw.exe
C:\WINDOWS\system32\olxjypol.exe
C:\WINDOWS\system32\omxodwqk.exe
C:\WINDOWS\system32\oqyehoua.dll
C:\WINDOWS\system32\oumryvaa.exe
C:\WINDOWS\system32\oyoltyft.exe
C:\WINDOWS\system32\pfopnuhs.exe
C:\WINDOWS\system32\phyvoecs.exe
C:\WINDOWS\system32\pjmafvhr.exe
C:\WINDOWS\system32\ponbvfcb.exe
C:\WINDOWS\system32\poycmdjf.exe
C:\WINDOWS\system32\pppogfjh.exe
C:\WINDOWS\system32\ppxhatog.exe
C:\WINDOWS\system32\pwgyejcc.exe
C:\WINDOWS\system32\pxyrbqgu.exe
C:\WINDOWS\system32\qaighqov.exe
C:\WINDOWS\system32\qbjfntec.exe
C:\WINDOWS\system32\qioaxhnn.exe
C:\WINDOWS\system32\qpkkxbcn.exe
C:\WINDOWS\system32\qrtjvoun.exe
C:\WINDOWS\system32\qxyquwya.exe
C:\WINDOWS\system32\raaomsti.exe
C:\WINDOWS\system32\reimgkyc.exe
C:\WINDOWS\system32\rjcqsqid.exe
C:\WINDOWS\system32\rmcqxtqp.exe
C:\WINDOWS\system32\rnardfim.exe
C:\WINDOWS\system32\rrwxfhgp.exe
C:\WINDOWS\system32\rsdohgji.exe
C:\WINDOWS\system32\rsrokjwg.exe
C:\WINDOWS\system32\rydfuqgj.exe
C:\WINDOWS\system32\sblimneq.exe
C:\WINDOWS\system32\sdeivmph.exe
C:\WINDOWS\system32\sdfdtmso.exe
C:\WINDOWS\system32\skbfoujc.exe
C:\WINDOWS\system32\skeahonp.exe
C:\WINDOWS\system32\sqodbhaq.exe
C:\WINDOWS\system32\stera.exe
C:\WINDOWS\system32\swrtwewo.exe
C:\WINDOWS\system32\sxopyfmc.dll
C:\WINDOWS\system32\sylmoooq.exe
C:\WINDOWS\system32\tamlsxab.exe
C:\WINDOWS\system32\tecpfoso.exe
C:\WINDOWS\system32\tgsetybp.exe
C:\WINDOWS\system32\tgttdwtv.exe
C:\WINDOWS\system32\tibudllp.exe
C:\WINDOWS\system32\tijjvfvg.exe
C:\WINDOWS\system32\tosedngi.exe
C:\WINDOWS\system32\tvuvqhcf.exe
C:\WINDOWS\system32\ueogmtjj.exe
C:\WINDOWS\system32\ufqaquok.exe
C:\WINDOWS\system32\ulxdqldc.exe
C:\WINDOWS\system32\unyykehb.exe
C:\WINDOWS\system32\uqkjukgo.exe
C:\WINDOWS\system32\urqnmjg.dll
C:\WINDOWS\system32\uvcbaiys.exe
C:\WINDOWS\system32\uvyfeefg.exe
C:\WINDOWS\system32\uwsrwbxe.exe
C:\WINDOWS\system32\vbytqclp.exe
C:\WINDOWS\system32\viuutsek.exe
C:\WINDOWS\system32\vofcdpmr.exe
C:\WINDOWS\system32\vortoson.exe
C:\WINDOWS\system32\vrdpinbf.exe
C:\WINDOWS\system32\vuueoadk.exe
C:\WINDOWS\system32\vvtpahua.exe
C:\WINDOWS\system32\wahhcbxk.exe
C:\WINDOWS\system32\waikhdyn.exe
C:\WINDOWS\system32\wajijmur.exe
C:\WINDOWS\system32\wdcquhma.exe
C:\WINDOWS\system32\wjivacdw.exe
C:\WINDOWS\system32\wnsapisv32.exe
C:\WINDOWS\system32\wtmaxotw.exe
C:\WINDOWS\system32\wwwnwbha.exe
C:\WINDOWS\system32\wxktqrsj.exe
C:\WINDOWS\system32\wyadd.bak1
C:\WINDOWS\system32\wyadd.bak2
C:\WINDOWS\system32\wyadd.ini
C:\WINDOWS\system32\wyrowwmr.exe
C:\WINDOWS\system32\xbcmgqre.exe
C:\WINDOWS\system32\xevbgsho.exe
C:\WINDOWS\system32\xeydxonn.exe
C:\WINDOWS\system32\xfakverq.exe
C:\WINDOWS\system32\xiwxtobf.exe
C:\WINDOWS\system32\xnbindtu.exe
C:\WINDOWS\system32\xnmxxnge.exe
C:\WINDOWS\system32\xpsctabg.exe
C:\WINDOWS\system32\xqambctw.exe
C:\WINDOWS\system32\xsdnnfev.exe
C:\WINDOWS\system32\xteaifxf.exe
C:\WINDOWS\system32\xyaesjwo.exe
C:\WINDOWS\system32\ybdfdbbh.exe
C:\WINDOWS\system32\ydgrbkca.exe
C:\WINDOWS\system32\yfmlcdxq.exe
C:\WINDOWS\system32\yhwcnmly.exe
C:\WINDOWS\system32\yqgjoise.exe
C:\WINDOWS\system32\ywptteor.exe
C:\WINDOWS\tk58.exe
C:\WINDOWS\TTC-4444.exe


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_FOPN
-------\LEGACY_WINDOWS_OVERLAY_COMPONENTS
-------\nm


((((((((((((((((((((((((( Files Created from 2007-07-23 to 2007-08-23 )))))))))))))))))))))))))))))))


2007-08-23 12:24 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-05 10:13 <DIR> d-------- C:\Temp
2007-08-02 13:47 4 --a------ C:\WINDOWS\system32\proc625010911.bin
2007-08-02 13:47 <DIR> d-------- C:\DOCUME~1\kennyh\APPLIC~1\GanymedeNet


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-23 12:37 --------- d--h----- C:\Program Files\WindowsUpdate
2007-08-23 12:37 --------- d-------- C:\Program Files\Online Services
2007-08-21 18:56 --------- d-------- C:\Program Files\Macro Express3
2007-06-29 10:24 --------- d-------- C:\DOCUME~1\kennyh\APPLIC~1\AdobeUM
2007-06-29 10:24 --------- d-------- C:\DOCUME~1\kennyh\APPLIC~1\AdobeUM
2002-09-11 10:26 63730 --a------ C:\Program Files\viewsonicinstruct_xp.pdf


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43ADAE9E-6673-3C8D-7C70-4DB6784EF1CC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{61E03DAC-4A48-4CDD-BB91-B1998F0DBF28}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5F8F27E-67D1-46F8-E98F-DF74DCDA01F4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ezShieldProtector for Px"="C:\WINDOWS\system32\ezSP_Px.exe" [2002-08-20 14:29]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-09-16 08:43]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" [2005-11-03 00:32]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 14:38 C:\WINDOWS\AGRSMMSG.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-10-10 19:15]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-21 10:27]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4567AB12-B980-44A5-B259-9B09EBEA6331}"= C:\Program Files\WinAntiSpyware 2007\shellext.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=C:\WINDOWS\pss\Microsoft Office OneNote 2003 Quick Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remocon Driver.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk
backup=C:\WINDOWS\pss\Remocon Driver.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
dxdllreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ezShieldProtector for Px]
C:\WINDOWS\System32\ezSP_Px.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIO Recovery]
C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe

R2 MLPTDR_B;MLPTDR_B;\??\C:\WINDOWS\system32\MLPTDR_B.sys
R2 ntrtscan;Trend Micro Client/Server Security Agent RealTime Scan;C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
R2 tmlisten;Trend Micro Client/Server Security Agent Listener;C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
R2 TmPreFilter;Trend Micro PreFilter;\??\C:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
R3 smrt;Sony MPEG RealTime encoder board;C:\WINDOWS\system32\DRIVERS\smrt.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -RunBySCM
S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmHidLo;Logitech WingMan USB Filter Driver;C:\WINDOWS\system32\drivers\WmHidLo.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys


Contents of the 'Scheduled Tasks' folder
2007-08-23 16:46:15 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-23 12:51:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-23 12:52:56 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-23 12:52

--- E O F ---

inaph
2007-08-24, 18:17
Logfile of HijackThis v1.99.1
Scan saved at 1:19:55 PM, on 8/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\WINDOWS\TEMP\OT7E35.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Macro Express3\MacExp.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {43ADAE9E-6673-3C8D-7C70-4DB6784EF1CC} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: 0 - {61E03DAC-4A48-4CDD-BB91-B1998F0DBF28} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: 0 - {E5F8F27E-67D1-46F8-E98F-DF74DCDA01F4} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.drivecleaner.com
O15 - Trusted Zone: *.errorprotector.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.systemdoctor.com
O15 - Trusted Zone: *.winantispyware.com
O15 - Trusted Zone: *.winantivirus.com
O15 - Trusted Zone: *.winfixer.com
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/setup.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://scrmainsrv:4343/SMB/console/html/root/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/eng/poker_2_0_0_47.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = scr.dcinc
O17 - HKLM\Software\..\Telephony: DomainName = scr.dcinc
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = scr.dcinc
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

Wow huh! :blink:

teacup61
2007-08-24, 22:05
Hello,

Wow is right!!:eek: But thank you so much for posting it. :) Still a lot to do here :

We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make. Open Windows Defender.
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.After all of the fixes are complete it is very important that you enable Real-time Protection again.

Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

O2 - BHO: (no name) - {43ADAE9E-6673-3C8D-7C70-4DB6784EF1CC} - (no file)
O2 - BHO: 0 - {61E03DAC-4A48-4CDD-BB91-B1998F0DBF28} - (no file)
O2 - BHO: 0 - {E5F8F27E-67D1-46F8-E98F-DF74DCDA01F4} - (no file)
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.drivecleaner.com
O15 - Trusted Zone: *.errorprotector.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.systemdoctor.com
O15 - Trusted Zone: *.winantispyware.com
O15 - Trusted Zone: *.winantivirus.com
O15 - Trusted Zone: *.winfixer.com
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/eng/poker_2_0_0_47.cab

Close all browsers and other windows except for HijackThis!, and click "Fix checked".

Please download the Fix_Protocol reg file from http://downloads.malwareremoval.com/Nel/FixP.zip and unzip it to your desktop.
Double click Fix_Protocol_zones_ranges.reg and allow it to merge with the registry.

Reboot your machine for the changes to take effect.

Your Java is way out of date, which leaves your computer vulnerable.

Updating Java Download the latest version of Java Runtime Environment (JRE) 6u2 (http://java.sun.com/javase/downloads/index.jsp). Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications". Click the "Download" button to the right. Check the box that says: "Accept License Agreement". The page will refresh. Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java. Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java version. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.

I'd like you to perform an online virus scan with Kaspersky Online Virus Scanner

Navigate (using Internet Explorer only, other browsers won't work) to the following site: http://www.kaspersky.com/virusscanner

Click the "Kaspersky Online Scanner" button (NOT "Kaspersky File Scanner").

* In the new window that opens, click the "Accept" button to accept the user agreement, install the ActiveX control, and download the program.
* When you get the Windows dialog asking if you want to install this software, click the "Install" button.
* The scanner will download the latest definition files. When the "Update progress" line changes to "Ready" and the "NEXT ->" button lights up with a green arrow, click it.
* Click on the "Scan Settings" button, and in the next window select the "extended" database, and click Ok.
* Under "Please select a target to scan:", click My Computer to start the scan.

When the scan is finished, click the "Save as Text" button, and save the file as kavscan.txt to your Desktop. Close the Kaspersky On-line Scanner window.

Please post the Kaspersky report in your reply, along with a new HijackThis log. Let me know how it's running as well. You're doing a great job here!

Thanks,
tea

inaph
2007-08-29, 22:40
Hi tea, I got hit with a major task at work and have been putting in lots of extra hours. Finally getting the chance to work on this some more (sorry it took so long). The system is alot more stable and runs faster now, but looks like kapersky has found more nasties for us.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, August 29, 2007 3:17:22 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 29/08/2007
Kaspersky Anti-Virus database records: 397765
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 102169
Number of viruses found: 18
Number of infected objects: 531
Number of suspicious objects: 0
Duration of the scan process: 01:09:15

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0093f68b50cb8c2c648ab724b7f59d05_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0371fd33072d98e251d15334df4679ec_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0dee0da6dee27dd741bf570e38a81fff_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1a62338b0b5e4fe50ba76b668e386270_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1c4d26ac675edac1b510613a78b02609_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1f62008b395c3ecde1f2404d718fefe9_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1ff6ee381d6a6aa5a2c25257ebd4b3e2_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\25af5bd290ac288d2b2e782e3eab8e9f_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d8d1cde552e18af1680cc85a41613a3_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3493081ba473eb4edcb981c8dfba7ce2_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\36df537c7ed069ee486d9bd5092e05db_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3b6b17d6a4715894f407d9bb58eecb10_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\4b73a6973d662370b45ad17e7e9b94c6_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\524479644e084885700a833430d41d73_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5effc1ba7928264fa6e44fb8fd0099b1_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6e445cda31e594cc838a7292f4f9faa5_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6e44dd34da4181c06e768dd8ecf1004a_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6fe9f96781b832c5429745214ae2888b_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\72b68e2f4ae47f76f07cc5f02dc41c35_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7356a79276891bf01703d1c53afea46a_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7825695b80d4261e8bfea9877bb36950_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\792c710b715996f17a49a42dcef463e6_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cf454a101f70f3cd14f39768a5e9722_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b66530fee7d57a64a0f7128acdd4c1a_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8c3410dfbd7c60706b250ad3ebaea2dd_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8e5eb94c48303256d865ae7921e2d600_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\981fd3246d3e09ae628d9506ed765cee_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9a1691f0e74139dca0aa132d3af52537_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9b4e3b79c53f3a388148804d9f3a4edb_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ab6b12e3838323d9de79ebcedf92c204_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad0dc07b87ac7724a38d4e9bee706a49_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ad402bd0143a423006be65f0e81bbbc6_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af1414f73d8e91bafcac4f24736fa103_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\af5bfa6ef0bf0ba8045381b4ff9db60f_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b28b7dd92530c27e9c8a01eb2024bc75_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b4c9dd5eb8c50bbff522b677d3744748_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b66dc440564c64c0b4a8d0a800828b1f_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cb518f783d4d8f0b3f2e94d1c5da0296_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cfd0174d75dbe09f934c620569fac5b6_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d4ddd011a85b7bc678a4d3055d2f69a1_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\dd5ee5ace365a1caba0e6bd94870c305_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\deed229bf928bb475d6aa708a7c0aba3_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e5c3f8dad064fdd0311f9ad9a3bd42b9_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e6f60a24c57853dabc61d682a0b1d3d5_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\eba1f0301c2bbabde26da05af0d9c64f_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ed0b2afae696379d7f122c7812584fce_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f64bc420d2ee1d1c1e3b31ad96c670a7_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fb4e113b8cf71ad4cee16167d68b2b0c_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fbe3a637af720f68a06509ee678be16c_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fc7bbc322095a9b4aced70842b993b2a_b7b2c3d1-5c40-41e5-b3e7-e1e82992c019 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-01232007-183240.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.ldb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\SonicStage\Packages\MtData.mdb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\MtData.ldb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\MtData.mdb Object is locked skipped
C:\Documents and Settings\kennyh\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\Temp\~DF8FC2.tmp Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\Temp\~DF8FCD.tmp Object is locked skipped
C:\Documents and Settings\kennyh\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\kennyh\ntuser.dat Object is locked skipped
C:\Documents and Settings\kennyh\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\RealVNC\VNC4\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\QooBox\Quarantine\C\Program Files\Online Services\qufaqygi.dll.vir Infected: Trojan.Win32.BHO.ab skipped
C:\QooBox\Quarantine\C\Program Files\TTC.dll.vir Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\Program Files\WinAntiSpyware 2007\InstUp.exe.vir/file2 Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\QooBox\Quarantine\C\Program Files\WinAntiSpyware 2007\InstUp.exe.vir Inno: infected - 1 skipped
C:\QooBox\Quarantine\C\Program Files\WindowsUpdate\mesowi4444.dll.vir Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\Program Files\WindowsUpdate\mesowi83122.dll.vir Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\QooBox\Quarantine\C\WINDOWS\bryidzz.exe.vir Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\QooBox\Quarantine\C\WINDOWS\bryidzzA.exe.vir Infected: Trojan-Downloader.Win32.VB.ang skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\abipaxcp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\aewfxden.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\aeykhiou.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\agujopvw.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ajkvdmeo.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ajooatyv.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\amhrdhew.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\avwcshkx.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\awrfdjip.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\besvmaeo.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bffcvybp.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bfkoikit.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bnjmaejm.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bnrpnqmj.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bqjtspic.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bqtlenak.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\brtkblnr.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\bsfitbyq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\burlxqdc.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cbmlnduy.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\celbxfpb.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cigxbcwn.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cketnwgk.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\configs\kmhp83122.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped

inaph
2007-08-29, 22:45
C:\QooBox\Quarantine\C\WINDOWS\system32\configs\kmhp83122.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\csqmoipn.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cvapelwu.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dckoujcw.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ddddspgg.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ddewnlxv.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dfwojhci.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\driver\w717.exe.vir Infected: Virus.Win32.Virut.i skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\dwjtobbq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\egwuuicm.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\eievxnjl.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\eivocblb.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ejejysvq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ekordjcq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\enogcocl.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\enphppnu.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\epslooff.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\eswwokcf.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\eujmmyao.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\euxuioeg.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\evmqhejm.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\evwkitjr.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ewqldtbh.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\eyqloshg.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fhfhgolc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fjiucjmp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fjydirhp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fpaccykj.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fpqmrrix.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fqptoclq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\frwgxmyv.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fvvxswoi.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fxkkbbxd.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\fycwtrfp.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gcqxgbgx.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gdfophfm.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ggliuxpq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\giaujcax.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gkqeayou.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\goqrhkdk.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gosukaga.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gryrjkfk.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gscvudrq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\gxucwqup.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\haenxxqs.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hgghhif.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hjtnsxfb.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hnbfxirq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hpdpajep.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hqrprpsw.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hqtjxyyr.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hxxphswt.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\hyjkxiye.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iarcgbpd.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ieddhmvf.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ieqmgegb.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\igouqpbt.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ihlefxer.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ijubuahm.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iolwxwal.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\iwwugehv.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jceiljuc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jedhachi.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jhyxqhtd.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jkmoomjq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jncwvarn.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jodqemel.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jonxmgid.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jqnfgjri.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\jyhcejdg.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\katomueu.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kclgnpuj.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kdspwdkp.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kiksboov.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kjxtginc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kkbkwhli.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kkvgqiec.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\kvfnekrm.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lcesnkgl.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lefqhcoi.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\leiuprlh.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lgqgnjdg.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lgrcrawc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\liyqlrbd.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ljdgixfr.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lmilderd.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lobgjfwx.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lpaorrmr.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ltfaxoxu.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ltnfndml.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lublmnfj.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\luhgvqbx.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lwlwcjxe.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\lxdcuxod.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\meggxfrj.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mgvhiuxx.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mipnfnjh.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mnuebabo.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mpcsdqfc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mtsnyewl.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\mwmqxajy.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ncfoswpy.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\neukwaop.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ngbfhvnc.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\nljhpcop.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\nobuiaxb.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\nwjxlytl.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\oashikcs.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\obmumbva.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\obqicwgn.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ofpbinit.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ogmjdjvb.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\oinoumtw.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\olxjypol.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\omxodwqk.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\oumryvaa.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\oyoltyft.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pfopnuhs.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\phyvoecs.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pjmafvhr.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ponbvfcb.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\poycmdjf.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pppogfjh.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ppxhatog.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pwgyejcc.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pxyrbqgu.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qaighqov.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qbjfntec.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qioaxhnn.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qpkkxbcn.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qrtjvoun.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\qxyquwya.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\raaomsti.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\reimgkyc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rjcqsqid.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rmcqxtqp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rnardfim.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rrwxfhgp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rsdohgji.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rsrokjwg.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\rydfuqgj.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\sblimneq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\sdeivmph.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\sdfdtmso.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\skbfoujc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\skeahonp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\sqodbhaq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\swrtwewo.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\sylmoooq.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tamlsxab.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tecpfoso.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tgsetybp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tgttdwtv.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tibudllp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tijjvfvg.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tosedngi.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tvuvqhcf.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ueogmtjj.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ufqaquok.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ulxdqldc.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\unyykehb.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\uqkjukgo.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\urqnmjg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\uvcbaiys.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\uvyfeefg.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\uwsrwbxe.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vbytqclp.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\viuutsek.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vofcdpmr.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vortoson.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vrdpinbf.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vuueoadk.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\vvtpahua.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wahhcbxk.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\waikhdyn.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wajijmur.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wdcquhma.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wjivacdw.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wtmaxotw.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wwwnwbha.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wxktqrsj.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\wyrowwmr.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xbcmgqre.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xevbgsho.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xeydxonn.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xfakverq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped

inaph
2007-08-29, 22:47
C:\QooBox\Quarantine\C\WINDOWS\system32\xiwxtobf.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xnbindtu.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xnmxxnge.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xpsctabg.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xqambctw.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xsdnnfev.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xteaifxf.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\xyaesjwo.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ybdfdbbh.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ydgrbkca.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\yfmlcdxq.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\yhwcnmly.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\yqgjoise.exe.vir Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ywptteor.exe.vir Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\QooBox\Quarantine\C\WINDOWS\tk58.exe.vir Infected: Trojan.Win32.BHO.ab skipped
C:\QooBox\Quarantine\C\WINDOWS\TTC-4444.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\WINDOWS\TTC-4444.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\catchme2007-08-23_125116.96.zip/awtqpmk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\QooBox\Quarantine\catchme2007-08-23_125116.96.zip ZIP: infected - 1 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1030\A0047504.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1030\A0047504.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1030\A0047505.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047509.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.r skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047511.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047512.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047513.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047514.exe Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047540.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047541.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047542.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\A0047545.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1031\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1032\A0047548.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1032\A0047550.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1032\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1033\A0047613.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1033\A0047628.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1033\A0047628.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1033\A0047631.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\A0047653.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\A0047654.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\A0047669.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\A0047669.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\A0047670.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1034\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1035\A0047671.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1035\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1036\A0047706.exe Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1036\A0047708.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1036\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1037\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1038\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1039\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1040\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1041\A0047762.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1041\A0047762.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1041\A0047763.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1041\A0047764.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1041\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1042\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1042\snapshot\MFEX-2.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1043\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1043\snapshot\MFEX-2.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1044\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1044\snapshot\MFEX-2.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1045\A0047769.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1045\A0047770.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1045\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1045\snapshot\MFEX-2.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1052\A0048080.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1052\A0048080.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1052\A0048081.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1053\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048124.exe Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048125.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048126.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048127.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048128.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048129.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048130.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048131.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048132.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048133.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048134.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048135.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048136.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048137.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048138.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048139.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048140.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048141.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048142.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048143.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048144.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048145.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048146.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048147.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048148.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048149.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048150.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048151.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048152.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048153.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048154.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048155.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048156.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048157.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048158.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048159.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048160.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048161.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048162.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048163.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048164.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048165.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048166.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048167.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048168.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048169.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048170.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048171.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048172.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048173.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048174.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048175.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048176.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048177.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048178.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048179.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048180.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048181.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048182.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048183.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048184.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048185.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048186.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048187.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048188.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048189.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048190.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048191.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped

inaph
2007-08-29, 22:48
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048192.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048193.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048194.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048195.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048196.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048197.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048198.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048199.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048200.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048201.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048202.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048203.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048204.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048205.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048206.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048207.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048208.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-
45E9-A3FB-BD70F79FB4CC}\RP1054\A0048209.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048210.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048211.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048212.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048213.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048214.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048215.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048216.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048217.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048218.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048219.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048220.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048221.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048222.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048223.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048224.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048225.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048226.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048227.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048228.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048229.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048230.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048231.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048232.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048233.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048234.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048235.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048236.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048237.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048238.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048239.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048240.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048241.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048242.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048243.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048244.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048245.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048246.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048247.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048248.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048249.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048250.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048251.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048252.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048253.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048254.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048255.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048256.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048257.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048258.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048259.dll Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048260.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048261.exe Infected: Trojan-Downloader.Win32.VB.ang skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048262.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048265.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048266.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048267.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048268.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048269.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048270.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048271.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048272.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048273.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048274.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048275.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048276.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048277.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048278.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048279.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048280.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048281.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048282.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048283.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048284.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048285.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048286.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048287.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048288.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048289.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048290.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048291.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048292.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048293.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048294.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048295.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048296.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048297.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048298.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048299.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048300.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048301.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048302.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048303.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048304.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048305.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048306.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048307.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048308.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048309.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048310.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048311.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048312.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048313.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048314.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048315.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048316.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048317.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048318.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048319.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048320.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped

inaph
2007-08-29, 22:49
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048321.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048322.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048323.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048324.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048325.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048326.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048327.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048328.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048329.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048330.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048331.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048332.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048333.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048334.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048335.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048336.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048337.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048338.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048339.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048340.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048341.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048342.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048343.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048344.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048345.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048346.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048347.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048348.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048349.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048350.exe Infected: Trojan-Downloader.Win32.Tiny.id skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048354.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.b skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048354.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048355.exe Infected: Virus.Win32.Virut.i skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048359.exe/file2 Infected: not-a-virus:Downloader.Win32.WinFixer.t skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048359.exe Inno: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048371.exe Infected: Trojan.Win32.BHO.ab skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048373.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048373.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048375.exe Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048376.exe Infected: Trojan-Downloader.Win32.VB.awj skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\A0048384.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1054\snapshot\MFEX-1.DAT Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{549DE6A1-CCD3-45E9-A3FB-BD70F79FB4CC}\RP1062\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\Netlogon.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\JETF4DF.tmp Object is locked skipped
C:\WINDOWS\Temp\JETF695.tmp Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

inaph
2007-08-29, 22:57
Logfile of HijackThis v1.99.1
Scan saved at 3:27:26 PM, on 8/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Macro Express3\MacExp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\Client Server Security Agent\Misc\xpupg.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntupd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/WinNTChk.cab
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupINICtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/setupini.cab
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/setup.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://scrmainsrv:4343/SMB/console/html/root/AtxEnc.cab
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) - https://scrmainsrv:4343/officescan/console/ClientInstall/RemoveCtrl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = scr.dcinc
O17 - HKLM\Software\..\Telephony: DomainName = scr.dcinc
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = scr.dcinc
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe" /Service=VAIOMediaPlatform-VideoServer-AppServer /DisplayName="VAIO Media Video Server (file missing)
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Unknown owner - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-VideoServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\VideoServer\HTTP (file missing)
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)



I don't know how you can make any sense of all this information but as long as you continue to post directions I will continue follow them. I am very thankful for your kind help.

teacup61
2007-08-29, 23:08
Hello,

You're most welcome. :)

Actually, even though this is a very big report it's easy to read. All of the infected files are either in System Restore (and harmless) or in Qoobox, which is a file ComboFix created. We'll get rid of those right now. :)

Please delete ComboFix and it's accompanying folder C:\Qoobox. Empty your recycle bin and reboot your computer.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it ( something you'll remember) and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.

Now all those files are gone. :) Your HijackThis log looks good. :bigthumb: Please remember to reenable Defender!!

If there are no further problems :

Below I have included a number of recommendations on how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously! These few simple steps can stave off the vast majority of spyware problems.

Regularly go to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows, including the latest version of Internet Explorer. This can patch many of the security holes through which attackers can gain access to your computer. You should also turn on the Windows automatic update feature.

It is very important to maintain your Firewall.
A tutorial on understanding and using firewalls may be found here (http://www.bleepingcomputer.com/forums/tutorial60.html).

In order to protect yourself against spyware, you should consider installing and running the following free programs:

SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html)
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here (http://www.bleepingcomputer.com/forums/tutorial49.html).

SpywareGuard (http://www.javacoolsoftware.com/spywareguard.html)
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here (http://www.bleepingcomputer.com/forums/tutorial50.html).

A tutorial on using Spybot to remove spyware from your computer may be found here (http://www.bleepingcomputer.com/forums/tutorial43.html). Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

IE/Spyad:
It places over 5000 malicious websites and domains in your IE's restricted zone.
IE/Spyad (http://www.spywarewarrior.com/uiuc/resource.htm)

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

* Avoid illegal sites, because that's where most malware is present.
* Don't click on links inside popups.
* Don't click on links in spam messages claiming to offer anti-spyware software; because most of these so called removers ARE spyware.
* Download free software only from sites you know and trust. A lot of free software can bundle other software, including spyware.

Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/

Please make sure to run your antivirus software regularly, and to keep it up-to-date.

Take care!
tea