I also ran a kaspersky scan, but it's way too long to post. It scanned 103327 objects, and found 56 viruses, 2357 infected objects, and 2 suspicious objects. x_x
Here's my Hijackthis report:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:16 PM, on 3/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
F3 - REG:win.ini: load=C:\WINDOWS\system32\jkhhf.exe
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\system32\vtsqo.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\awtstuu.dll (file missing)
O2 - BHO: {e07a214f-c4f1-3648-0d04-b9acda376747} - {747673ad-ca9b-40d0-8463-1f4cf412a70e} - C:\WINDOWS\system32\mrorqvca.dll
O2 - BHO: (no name) - {776E3489-6394-4E76-81AF-4EF3F28E58C2} - C:\WINDOWS\system32\cwrhgmtr.dll
O2 - BHO: (no name) - {8E0A21CA-23AA-4A62-BC2A-DEBA91E5BBAa} - C:\WINDOWS\system32\cwrhgmtr.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O2 - BHO: (no name) - {D2BD5A78-48BD-4328-8365-186EE6A91AE7} - C:\WINDOWS\system32\cwrhgmtr.dll
O2 - BHO: (no name) - {D48E65C2-02D3-4F90-B3A1-E8E3D82A670a} - C:\WINDOWS\system32\cwrhgmtr.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [fresxstyle] lockbar.exe
O4 - HKLM\..\Run: [BM0fc68cc3] Rundll32.exe "C:\WINDOWS\system32\ideqpfqv.dll",s
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [0cf5bf5f] rundll32.exe "C:\WINDOWS\system32\qffidarn.dll",b
O4 - HKLM\..\RunServices: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - Startup: PowerReg Scheduler .exe
O4 - Startup: PowerReg Scheduler .exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: awtstuu - awtstuu.dll (file missing)
O20 - Winlogon Notify: vtsqo - vtsqo.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 9750 bytes

Hi

You haven't replied to the last thread you started ?

http://forums.spybot.info/showthread.php?t=25546

"Problem Downloading Spybot 1.5.2."

Did the suggestions work ? it's only polite the let them know if you got spybot downloaded and run it ? please remember we are all volunteers here ... all we ask for, and seldom get in return is a "Thank You."

I would also like to know if you ran Spybot ?

To clean this heavily infected computer will take a lot of time, meaning many posts over several days, please don't start unless you intend to see it through ...

Your Hijackthis log is full of malware, which is not surprising considering your KASPERSKY scan log :-

"It scanned 103327 objects, and found 56 viruses, 2357 infected objects,"

If you want your computer cleaning, then I have to know what KASPERSKY found ?

Post the header from the KASPERSKY scan log & a selection of the different malware, found in different locations. if there is a long list of lines referencing "C:\System Volume Information\_restore" ... you can ignore those for now.

Please do that first ...

THEN ...

Please follow these directions to run Combofix & post a log.

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

steam

Hi steamwhiz. I completely forgot about my other topic, I'm sorry, I'll post a thankyou now. And I did not run spybot yet.
I'm not sure what you mean by "a selection of the different malware." Here is my Kaspersky log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, March 14, 2008 9:46:13 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 14/03/2008
Kaspersky Anti-Virus database records: 630518
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 103327
Number of viruses found: 56
Number of infected objects: 2357
Number of suspicious objects: 2
Duration of the scan process: 01:44:06


Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd002.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log Object is locked skipped
C:\Documents and Settings\All Users\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\All Users\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\eun soon chong\Local Settings\Temp\ssqpq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\eun soon chong\Local Settings\Temporary Internet Files\Content.IE5\QOYHYEYV\css4[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\eun soon chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\eun soon chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\cert8.db Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\history.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\key3.db Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\parent.lock Object is locked skipped
C:\Documents and Settings\in hong chong\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX100.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX103.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX109.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX10C.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX112.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCX11B.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXC5.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXCD.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXD9.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXE5.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXE9.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXEF.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temp\RCXFD.tmp Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\N6O99K68\hctp[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\N6O99K68\iddqd[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\TY7UY1O6\ptch[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in hong chong\msdirectx.sys Infected: Rootkit.Win32.Agent.l skipped
C:\Documents and Settings\in hong chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe Infected: Virus.Win32.Trats.d skipped
C:\Documents and Settings\in ji chong\Application Data\winantiviruspro2007freeinstall[1].exe Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\awtqp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\awtss.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\awvts.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\cijexctk.sys Infected: Rootkit.Win32.Podnuha.c skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\jkkjh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\jkkji.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\mljgf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\mljji.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\mljkjhi.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\pmnli.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\pmnnk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\rqropnn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\sch20ddshlp.dll Infected: Rootkit.Win32.Agent.qq skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\sstts.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp00015d8c Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp0001678e Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp00016934 Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp0001d5ba Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp0001de74 Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp00028ac1 Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tmp004e644c Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\TMP37.tmp Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\TMP3B.tmp Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\TMP3D.tmp Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\TMPAF.tmp Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\TMPD7.tmp Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\tuvwwtr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\utarvbam.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\vturr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\wvuspqr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\Documents and Settings\in ji chong\Local Settings\Temp\xaabiyrh.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\07EWZ1C5\ptch[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\2ES0R84Z\cmp638[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\GZ35O7Z3\hctp[2] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\KPW5AJA3\ptch[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\S9S3E7ZS\css4[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\Local Settings\Temporary Internet Files\Content.IE5\S9S3E7ZS\hctp[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\in ji chong\My Documents\installdrivecleanerstart.exe Infected: not-a-virus:Downloader.Win32.WinFixer.m skipped
C:\Documents and Settings\in ji chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\in ji chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\no won chong\Local Settings\Temp\ddccc.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\no won chong\Local Settings\Temporary Internet Files\Content.IE5\60KG8T7T\css4[1] Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\Documents and Settings\no won chong\msdirectx.sys Infected: Rootkit.Win32.Agent.l skipped
C:\Documents and Settings\no won chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\no won chong\ntuser.dat.LOG Object is locked skipped
C:\Program Files\McAfee.com\Agent\mcupdate .exe Infected: Virus.Win32.Trats.d skipped
C:\Program Files\McAfee.com\Agent\mpfpinst.exe/WISE0021.BIN/MPFSERVICE.EXE Infected: Backdoor.Win32.IRCBot.gen skipped
C:\Program Files\McAfee.com\Agent\mpfpinst.exe/WISE0021.BIN Infected: Backdoor.Win32.IRCBot.gen skipped
C:\Program Files\McAfee.com\Agent\mpfpinst.exe WiseSFX: infected - 2 skipped
C:\Program Files\McAfee.com\Personal Firewall\MpfService.exe Infected: Backdoor.Win32.IRCBot.gen skipped
C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll Infected: not-a-virus:AdWare.Win32.MyWay.v skipped
C:\Program Files\PopsMedia Site Adviser\vm5_killer.exe Infected: Trojan.Win32.BHO.bd skipped
C:\Program Files\QuickTime\qttask .exe Infected: Virus.Win32.Trats.d skipped
C:\Program Files\QuickTime\qttask .exe Infected: Virus.Win32.Trats.d skipped
C:\Program Files\QuickTime\qttask .exe Infected: Virus.Win32.Trats.d skipped
C:\Program Files\QuickTime\qttask.exe Infected: Virus.Win32.Trats.d skipped
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe Infected: Virus.Win32.Trats.d skipped

::Starting from here there was a long list of C:\System Volume Information\_restore, and on the side it said they were all infected. Continunation in next post::

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\abopkxnn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\abrmukxq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\acsqswex.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\adneyros.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\aicuupcl.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ajaftluv.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ajinayey.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\ajjeplcr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\ajqkhtnj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\AMSTREA.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\anvqhdjp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\aqvtjxwa.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\asferro.25 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\asferro.26 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\asferro.28 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\asqnyaxs.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\atl7.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\aupqyfox.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\awtstrr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\axusurma.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\aygywthi.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\ayrcckff.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\bcpmxoqj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\belyhisu.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\bfeucled.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\bfrskukv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\bhotiggf.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\biirnppd.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\bmqhiimk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\bodfubgb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\bqgsmvtt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\bsdbmwne.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\butysgyw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\bxpqckyd.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\bxvxbqlt.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\C.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\caadwclu.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\cbdlhxkq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\cgnfgluo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\chhjgklx.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\chprihus.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\chwmtecm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ciofsjxk.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\civtyloh.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\clfmbvih.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\cmlrrdio.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\CMPROP.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\cniwoxwg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\cnuxfjfu.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\CNVFA.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\coptscfq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\cpuwbvls.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\cqfgvhhs.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\crkuftym.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\cskfmmod.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\WINDOWS\SYSTEM32\cskoclbq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\csksnkpo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ctmqcagx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\cvcfgyxc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\cvwvukwi.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\cwrhgmtr.dll Infected: Trojan.Win32.Crypt.o skipped
C:\WINDOWS\SYSTEM32\cxokbmhq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\cyshldwu.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\daaorewl.dll Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\daveoyud.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\ddcbbab.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\ddccb.dll Infected: Trojan-Downloader.Win32.Small.bpk skipped
C:\WINDOWS\SYSTEM32\dfblhsai.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dgheswnk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dhlnwhwb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dhrqaihw.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dihqvama.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\djnykprh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dlkbqktx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dlynucsm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dnfhhqnf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dnjayhyq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\doqetald.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dpcjhgkl.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dplilkai.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.sys Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\DRIVERS\lpjcqiax.sys Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\drlfpdfv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\dsdjxbtu.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dtmgkldt.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dtwqtqxx.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\dukoidvg.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\dvlydudr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dwtkkagy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\dx3.dll Infected: Trojan.Win32.BHO.gy skipped
C:\WINDOWS\SYSTEM32\dxporyoe.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\dypylirp.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\eaqcgyoo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ebejlork.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ebhknmid.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\ecpbsklw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\edkgsodr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\eewcqufr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\efmagkxx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\efnveaix.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\efupajqn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\eidsocxs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\eivplovl.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ekhtbdla.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\emcxnfsc.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\encehylx.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\epgdhegv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\eqbrcbfu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\esivfaub.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\etjwctde.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\etssxfbn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\euvuhayt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\eveoddhj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ewdhmxns.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ixf skipped
C:\WINDOWS\SYSTEM32\exkoebkk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\eyvbhfyx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\fauhumhe.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\fawuxlkc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\fcvflxfj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\fdmiybcr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\filguprl.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\fitpmatb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\flehwqmp.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\fncfhfsp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\fneqxbhs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\fnmlajpb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jxa skipped
C:\WINDOWS\SYSTEM32\fnwisjyi.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\fodwcmjn.dll Infected: not-a-virus:AdWare.Win32.BHO.pq skipped
C:\WINDOWS\SYSTEM32\fqkwfcjt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ftelinop.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ftiudbxj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\fvmwutyh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\fykatsvb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\gdanhidc.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\gebbbyx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\gfckfdow.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\gfdecltk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\gfrqbmiw.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ghxbjdyt.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\gjffcfet.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped

C:\WINDOWS\SYSTEM32\gjyjqhid.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\gmotpvbj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\gomdnefd.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\gspccmeu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\gtiqwsef.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\guvasnds.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\guvgofgn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\guvtnwin.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\gvlcpepw.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\gvqnedoo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\gwoesqfy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\gxbeniiq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\havndcbb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\hblhgfca.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\hdmjtxmp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\hdxtfjdy.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\heetifvw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hfetvtwf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hfrvyksc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\hfsgdshb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hhvxtuku.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hioaxnvo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hkbvlflj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\hkknrsri.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\hklpbygn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hlerjsyx.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\hnokesms.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\hoerrtec.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\hpibdnpi.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\hqmxnwoh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\hsfgumcc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\htjnncpq.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\htkhahmr.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\httxpwnb.dll Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\SYSTEM32\htujefmn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\hvqiaamn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ideqpfqv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\idrkohxe.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\ifaiuorn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\igbmvwhh.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ihcynrwg.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ihohyfuc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ihwkljju.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\iifcbcy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\ikcowhka.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ilbxntwp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\inbbodrf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\injuntfm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\iodbucui.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ipnwiffr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\iqvbsbce.dll Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\SYSTEM32\irhcknrm.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ivijckkv.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\iwtjlqyl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\iybfqbur.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\jatkcpvm.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\jcqwuoaf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\jftrfcqd.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\jhfnviqu.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\jibgvber.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\jkhhf.exe Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\jkqjuqkc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\jkyuxhvv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\jlbplwrj.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\jldsntwo.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\jpjunxou.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\jqniubcs.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\jscylvjk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\jttgmhah.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\jwjeerxd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\jyeuljmf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\jyfnjgds.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\kanxivvq.dll Infected: not-a-virus:AdWare.Win32.BHO.ps skipped
C:\WINDOWS\SYSTEM32\kcaamnga.dll Infected: not-a-virus:AdWare.Win32.BHO.gp skipped
C:\WINDOWS\SYSTEM32\kcfeanty.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\kemqkked.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\kfctmsdn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\kgpyavgw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\kihtpnek.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\kmguvnse.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\kpviwyrb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\krnucbbm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ksllybpe.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ktegfycp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\kufnqqud.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\kupvydra.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\lbcidwth.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lcbidetx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\lenixrcg.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lgkrnbqt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\ljtkxfhm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lnqdxgdf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lpgngthf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\lpleobuj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lpnsybrt.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\lptqwbku.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\lpvyswxu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\lqqbmvul.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lravhfch.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\lsyihboi.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\lwnounve.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\lxnboqld.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\lxpqdpgd.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mdstnfiv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mhviupfa.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\mjdyeshr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\mkebsvrp.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\mlguwajy.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\mljjhgg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\mlrdamcn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mmhxwklc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\mmnaqset.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\monfbufw.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\moraghrw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\mpuoqfad.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\mqxryfuh.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\mrbantau.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\mrfjyxhj.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\mrorqvca.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mrscswqk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mrstumbi.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\MRT.exe Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\mtfbjukg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\mwiqvvej.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\mxxdnwle.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nbeetcvi.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nbutfndq.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\WINDOWS\SYSTEM32\ncrfdxgd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nebasira.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\njtxjgsv.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\njtxveup.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nkfwcnvs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\nktwhnje.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\nmyffpid.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\nnnnmno.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\nnonvxxf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\noajegro.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\npjjnhoo.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\nqcvqkfq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nracbdsg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ntgxabbu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ntqfarwl.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\nujpiphq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\nvfwkwly.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\nvlrdajn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\oamvyfif.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\oauufhpq.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\obcjluer.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\obeoowmx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\obmkvhrh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\obribwcb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\obwsbcjq.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ocdclxag.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ocmxigrx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\octebkyh.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\octegdyb.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ocyfswvy.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\odhfhksj.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\odjaqagk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\odlhvmqi.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\odqidynf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\oeeskshl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ojshcwjj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\okrxdnpb.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\olpmcouf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ompcorph.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\onsdqbnb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\onvhkukq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ooeeoibc.exe Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\opaqnmim.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\opnlkig.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\opnllij.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\opnopml.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\oqehngjb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\oqgqbkil.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\oqkhlpcx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\oqrlwsoe.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\oqtloewa.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ovpqlyeo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\owamvyse.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\owtaqaxq.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\oxgmtyuc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\oyuoumuy.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\pangqbpn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\pcwfhqma.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\pfngdmdm.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\pgarjkyr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\pgbynwqu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\pgxtrtrj.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\pigaexnd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\pkbxtqdb.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\pkmetmgd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\pmurvftk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\pmuxdkmx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\pmuxjwty.dll Infected: not-a-virus:AdWare.Win32.BHO.hg skipped
C:\WINDOWS\SYSTEM32\prjxfiox.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\psfvocqq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ptorvxmr.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\puoabxyg.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\pvkhuwxo.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\qamcfcot.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qcvyfcuk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\qephfuya.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qffidarn.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\qfjbdeev.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qhgsqnin.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qhumutjd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qhwwrhmv.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\qiofslhr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qipqasvb.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qjeclodx.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\qkvsmaka.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qmresxwf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\qnfdfemx.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\qpitrvus.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\qqvpbxdm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qqyitvuk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qrxkpjlk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qtnruqbv.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\qvukhoul.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\qxgdajup.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ravapekt.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\rbfywntq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir Infected: Virus.Win32.Trats.d skipped

C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\rdebjtyu.dll Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\SYSTEM32\rfbnwquu.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\rgkihrpq.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\rjosmslf.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\rkrvnpvr.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\rlijeprk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\rpuqjpyq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\rqronnl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\rrxekasy.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\rtccpsus.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\rvcqabyw.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\rvfeehky.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\rvhajdab.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\rvklmjty.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\rvrmoeha.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\rvxjuuta.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\rwpokqto.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\rxahjbxf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ryrrkcgr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\saxhqxav.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\snktfxal.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\soarkccb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\spguythh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\spivxaje.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\sqfnbdxl.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\srcjhqvo.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\srqtryti.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\stgncecb.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\sthpjqri.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\sulnevrl.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\svbtdnun.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\svnorgsr.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\svwrbwxp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\syyambqf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\tahhhtsu.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\tbrpdaaq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\tinnvdjm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\tmojmdqt.dll Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\toqmvapj.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\WINDOWS\SYSTEM32\ttiiueya.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ttmgphch.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\tuvstuv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\tuyymltd.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\txcxecri.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\txqtwuvt.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\tyactius.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\tynlwrmp.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\tynvgtve.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\tyrkshda.dll Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\SYSTEM32\ualapbmm.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\ubnjqtxi.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ucudegfx.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ufxabbac.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ufxilfgq.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\uisioruc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\uixihcqo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ukmkpign.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\ulbfidwx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\umeraebp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\umjprvyr.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\WINDOWS\SYSTEM32\umrbowoi.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\uodpmrdj.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\uoktgier.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\uoxqxmls.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\usovgbst.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\utghomyq.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\uuiwxuii.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\uvuyvlxt.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\vhxmjvvk.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\viuhgauc.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\vjedonkl.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\vxormldi.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\vyaykexw.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\wbghyhni.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\WINDOWS\SYSTEM32\wdburkgx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wdiwdjtf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wdtnmtxc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\wegaxjlw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wfkhxtbc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\wgksafvc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\wgvahvcm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\whespsdo.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\whobaywm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wisptibn.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wiwbirme.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wjfqhluo.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wjkptwev.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\wkornwme.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\wlprbddg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\wlqvbrbh.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wnxsfmye.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\wopidxcx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\wwkurfjs.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\xbronfcc.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\xdlytwyf.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xdyjarsm.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\xfnqjcpv.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\xgihdhak.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\xigmeliw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xikoqpup.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xjfscile.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xjmvtblc.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\xknuyejm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xosixbol.dll Infected: not-a-virus:AdWare.Win32.SuperJuan.bce skipped
C:\WINDOWS\SYSTEM32\xpnujjjk.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xposarnp.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xpxbotin.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\WINDOWS\SYSTEM32\xryvmrmh.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xsdududy.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\xwgparae.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\xyldtmpp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\yayawxw.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\WINDOWS\SYSTEM32\yccihgin.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\yeliecod.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\yffqhsjx.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ymuahqmp.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ynspwyfm.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\yomkwjjw.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\SYSTEM32\ypjkxyvg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\yqkugabf.dll Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\yspnlldh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\ytyakqts.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\SYSTEM32\yxehochp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ixe skipped
C:\WINDOWS\SYSTEM32\yyatnrdj.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\WINDOWS\SYSTEM32\yyfnctwv.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\SYSTEM32\yyswkmgd.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\WINDOWS\Temp\ASHeuristic\cwrhgmtr_dll.vir Infected: Trojan.Win32.Crypt.o skipped
C:\WINDOWS\Temp\ASHeuristic\httxpwnb_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\Temp\ASHeuristic\iqvbsbce_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\Temp\ASHeuristic\kanxivvq_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.ps skipped
C:\WINDOWS\Temp\ASHeuristic\kcaamnga_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.gp skipped
C:\WINDOWS\Temp\ASHeuristic\rdebjtyu_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\Temp\ASHeuristic\tyrkshda_dll.vir Infected: not-a-virus:AdWare.Win32.BHO.hw skipped
C:\WINDOWS\Temp\TMP0000000165DA56EE60A7ADB0 Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

::ComboFix log::

ComboFix 08-03-14.4 - in hong chong 2008-03-16 16:36:48.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.183 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe
C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe
C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe
C:\Documents and Settings\in hong chong\Start Menu\Programs\Startup\PowerReg Scheduler .exe
C:\Program Files\FunWebProducts
C:\Program Files\McAfee.com\Agent\MCUPDA~1.EXE
C:\Program Files\McAfee.com\Agent\mcupdate .exe
C:\Program Files\MyWebSearch
C:\Program Files\PopsMedia Site Adviser
C:\Program Files\PopsMedia Site Adviser\vm5_killer.exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\BM0fc68cc3.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\acsqswex.dll
C:\WINDOWS\system32\aepwlkbw.dll
C:\WINDOWS\system32\aeymfdxc.dll
C:\WINDOWS\SYSTEM32\aijyvrkl.ini
C:\WINDOWS\system32\ajinayey.dll
C:\WINDOWS\system32\ajjeplcr.dll
C:\WINDOWS\SYSTEM32\aldbthke.ini
C:\WINDOWS\system32\AMSTREA.dll
C:\WINDOWS\system32\anvqhdjp.dll
C:\WINDOWS\system32\apqhtudt.dll
C:\WINDOWS\system32\aqvtjxwa.dll
C:\WINDOWS\SYSTEM32\ardyvpuk.ini
C:\WINDOWS\system32\atl7.dll
C:\WINDOWS\SYSTEM32\atuujxvr.ini
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\awtstrr.dll
C:\WINDOWS\system32\aygywthi.dll
C:\WINDOWS\system32\aymydqur.dll
C:\WINDOWS\system32\ayrcckff.dll
C:\WINDOWS\SYSTEM32\badjahvr.ini
C:\WINDOWS\system32\bbwlidjp.dll
C:\WINDOWS\system32\bcpmxoqj.dll
C:\WINDOWS\system32\bfeucled.dll
C:\WINDOWS\system32\bfrskukv.dll
C:\WINDOWS\system32\bhotiggf.dll
C:\WINDOWS\system32\biirnppd.dll
C:\WINDOWS\system32\bjdouvuc.dll
C:\WINDOWS\system32\bmqhiimk.dll
C:\WINDOWS\system32\bqgsmvtt.dll
C:\WINDOWS\SYSTEM32\brywivpk.ini
C:\WINDOWS\system32\bsdbmwne.dll
C:\WINDOWS\system32\btcxtewp.dll
C:\WINDOWS\SYSTEM32\buafvise.ini
C:\WINDOWS\system32\bvtyjoww.dll
C:\WINDOWS\system32\bxpqckyd.dll
C:\WINDOWS\system32\C.dll
C:\WINDOWS\SYSTEM32\cdihnadg.ini
C:\WINDOWS\SYSTEM32\cdihnadg.tmp
C:\WINDOWS\system32\cfelxtrs.dll
C:\WINDOWS\system32\cfpkyydb.dll
C:\WINDOWS\system32\cgfryfkq.dll
C:\WINDOWS\SYSTEM32\clpcjjof.ini
C:\WINDOWS\system32\CMPROP.dll
C:\WINDOWS\system32\cniwoxwg.dll
C:\WINDOWS\system32\CNVFA.dll
C:\WINDOWS\system32\cnxhscry.dll
C:\WINDOWS\SYSTEM32\coiowbmh.ini
C:\WINDOWS\system32\coptscfq.dll
C:\WINDOWS\system32\cqqevdnm.dll
C:\WINDOWS\system32\crkuftym.dll
C:\WINDOWS\SYSTEM32\csksslmd.ini
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\ctmqcagx.dll
C:\WINDOWS\system32\cwrhgmtr.dll
C:\WINDOWS\system32\cxlpkhgp.dll
C:\WINDOWS\system32\cyshldwu.dll
C:\WINDOWS\system32\daaorewl.dll
C:\WINDOWS\SYSTEM32\dafqoupm.ini
C:\WINDOWS\system32\daveoyud.dll
C:\WINDOWS\system32\ddcbbab.dll
C:\WINDOWS\SYSTEM32\dekkqmek.ini
C:\WINDOWS\SYSTEM32\delcuefb.ini
C:\WINDOWS\system32\dfblhsai.dll
C:\WINDOWS\system32\dgheswnk.dll
C:\WINDOWS\SYSTEM32\dgpdqpxl.ini
C:\WINDOWS\system32\dhrqaihw.dll
C:\WINDOWS\SYSTEM32\dimnkhbe.ini
C:\WINDOWS\system32\djnykprh.dll
C:\WINDOWS\system32\dlkbqktx.dll
C:\WINDOWS\system32\dnfhhqnf.dll
C:\WINDOWS\system32\dniugreu.dll
C:\WINDOWS\system32\dnjayhyq.dll
C:\WINDOWS\system32\dnslchwb.dll
C:\WINDOWS\system32\dpctqyxq.dll
C:\WINDOWS\system32\dptqncrj.dll
C:\WINDOWS\system32\dqgkcioc.dll
C:\WINDOWS\system32\drivers\lpjcqiax.dat
C:\WINDOWS\system32\drlfpdfv.dll
C:\WINDOWS\system32\dtwqepii.dll
C:\WINDOWS\SYSTEM32\duyoevad.ini
C:\WINDOWS\system32\dwtkkagy.dll
C:\WINDOWS\system32\dx3.dll
C:\WINDOWS\SYSTEM32\dykcqpxb.ini
C:\WINDOWS\system32\dyyvnpaw.dll
C:\WINDOWS\system32\ebejlork.dll
C:\WINDOWS\system32\ebhknmid.dll
C:\WINDOWS\system32\eewcqufr.dll
C:\WINDOWS\SYSTEM32\ehmuhuaf.ini
C:\WINDOWS\system32\eidsocxs.dll
C:\WINDOWS\system32\ejujgqmc.dll
C:\WINDOWS\system32\ekhtbdla.dll
C:\WINDOWS\system32\ellttswy.dll
C:\WINDOWS\system32\emcnnxos.dll
C:\WINDOWS\system32\emcxnfsc.dll
C:\WINDOWS\system32\encehylx.dll
C:\WINDOWS\SYSTEM32\enwmbdsb.ini
C:\WINDOWS\system32\epgdhegv.dll
C:\WINDOWS\system32\eqbrcbfu.dll
C:\WINDOWS\system32\esivfaub.dll
C:\WINDOWS\system32\euvuhayt.dll
C:\WINDOWS\system32\evondevk.dll
C:\WINDOWS\system32\ewdhmxns.dll
C:\WINDOWS\SYSTEM32\exhokrdi.ini
C:\WINDOWS\SYSTEM32\faouwqcj.ini
C:\WINDOWS\system32\fauhumhe.dll
C:\WINDOWS\system32\fbaqrixj.dll
C:\WINDOWS\system32\fcvflxfj.dll
C:\WINDOWS\SYSTEM32\ffkccrya.ini
C:\WINDOWS\SYSTEM32\fhhkj.ini
C:\WINDOWS\SYSTEM32\fhhkj.ini2
C:\WINDOWS\system32\fhsjklvr.dll
C:\WINDOWS\SYSTEM32\fhtgngpl.ini
C:\WINDOWS\system32\fhwepglv.dll
C:\WINDOWS\SYSTEM32\fifyvmao.ini
C:\WINDOWS\system32\filguprl.dll
C:\WINDOWS\system32\fncfhfsp.dll
C:\WINDOWS\system32\fneqxbhs.dll
C:\WINDOWS\system32\fnmlajpb.dll
C:\WINDOWS\SYSTEM32\fnydiqdo.ini
C:\WINDOWS\system32\fodwcmjn.dll
C:\WINDOWS\system32\fojjcplc.dll
C:\WINDOWS\SYSTEM32\fqbmayys.ini
C:\WINDOWS\system32\fqkwfcjt.dll
C:\WINDOWS\system32\fvmwutyh.dll
C:\WINDOWS\SYSTEM32\fwxsermq.ini
C:\WINDOWS\SYSTEM32\fxbjhaxr.ini
C:\WINDOWS\system32\fxnthwst.dll
C:\WINDOWS\system32\fyfirbvk.dll
C:\WINDOWS\system32\fykatsvb.dll
C:\WINDOWS\SYSTEM32\gaxlcdco.ini
C:\WINDOWS\system32\gcwqqvyp.dll
C:\WINDOWS\system32\gdanhidc.dll
C:\WINDOWS\SYSTEM32\gddbrplw.ini
C:\WINDOWS\system32\gebbbyx.dll
C:\WINDOWS\system32\gmotpvbj.dll
C:\WINDOWS\SYSTEM32\gsdbcarn.ini
C:\WINDOWS\system32\gspccmeu.dll
C:\WINDOWS\system32\gtuyylwj.dll
C:\WINDOWS\system32\guvgofgn.dll
C:\WINDOWS\system32\gvlcpepw.dll
C:\WINDOWS\SYSTEM32\gvyxkjpy.ini
C:\WINDOWS\system32\gwoesqfy.dll
C:\WINDOWS\SYSTEM32\gwxowinc.ini
C:\WINDOWS\system32\gxbeniiq.dll
C:\WINDOWS\system32\havndcbb.dll
C:\WINDOWS\system32\hblhgfca.dll
C:\WINDOWS\system32\hbrqcjnv.dll
C:\WINDOWS\SYSTEM32\hdllnpsy.ini
C:\WINDOWS\system32\hdmjtxmp.dll
C:\WINDOWS\system32\hfitgqww.dll
C:\WINDOWS\SYSTEM32\hhtyugps.ini
C:\WINDOWS\system32\hiwmlnjo.dll
C:\WINDOWS\system32\hkbvlflj.dll
C:\WINDOWS\system32\hkknrsri.dll
C:\WINDOWS\system32\hnokesms.dll
C:\WINDOWS\SYSTEM32\hownxmqh.ini
C:\WINDOWS\system32\hqmxnwoh.dll
C:\WINDOWS\SYSTEM32\hrhvkmbo.ini
C:\WINDOWS\SYSTEM32\hrpkynjd.ini
C:\WINDOWS\system32\hrqhbwvs.dll
C:\WINDOWS\system32\httxpwnb.dll
C:\WINDOWS\system32\hvqiaamn.dll
C:\WINDOWS\SYSTEM32\hytuwmvf.ini
C:\WINDOWS\SYSTEM32\hytuwmvf.tmp
C:\WINDOWS\SYSTEM32\iashlbfd.ini
C:\WINDOWS\system32\ideqpfqv.dll
C:\WINDOWS\system32\idrkohxe.dll
C:\WINDOWS\system32\iifcbcy.dll
C:\WINDOWS\SYSTEM32\iowobrmu.ini
C:\WINDOWS\system32\ipnwiffr.dll
C:\WINDOWS\system32\iqvbsbce.dll
C:\WINDOWS\SYSTEM32\ircexcxt.ini
C:\WINDOWS\SYSTEM32\irsrnkkh.ini
C:\WINDOWS\system32\iwtjlqyl.dll
C:\WINDOWS\system32\iybfqbur.dll
C:\WINDOWS\system32\jatkcpvm.dll
C:\WINDOWS\SYSTEM32\jbvptomg.ini
C:\WINDOWS\system32\jciljekf.dll
C:\WINDOWS\system32\jcqwuoaf.dll
C:\WINDOWS\system32\jdsgkrpt.dll
C:\WINDOWS\SYSTEM32\jevvqiwm.ini
C:\WINDOWS\SYSTEM32\jfxlfvcf.ini
C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\system32\jkhhf.exe
C:\WINDOWS\system32\jknjwxas.dll
C:\WINDOWS\system32\jkyuxhvv.dll
C:\WINDOWS\system32\jlbplwrj.dll
C:\WINDOWS\system32\jldsntwo.dll
C:\WINDOWS\SYSTEM32\jlflvbkh.ini
C:\WINDOWS\system32\jmtsnhyr.dll
C:\WINDOWS\system32\jnnhsndn.dll
C:\WINDOWS\system32\jpjunxou.dll
C:\WINDOWS\SYSTEM32\jqoxmpcb.ini
C:\WINDOWS\SYSTEM32\jrwlpblj.ini
C:\WINDOWS\system32\jtgnrwyh.dll
C:\WINDOWS\system32\jukdyejg.dll
C:\WINDOWS\system32\jvduoayw.dll
C:\WINDOWS\system32\jyfnjgds.dll
C:\WINDOWS\system32\kanxivvq.dll
C:\WINDOWS\system32\kcfeanty.dll
C:\WINDOWS\system32\kemqkked.dll
C:\WINDOWS\SYSTEM32\kenpthik.ini
C:\WINDOWS\system32\kfctmsdn.dll
C:\WINDOWS\system32\kihtpnek.dll
C:\WINDOWS\system32\kmdyrweo.dll
C:\WINDOWS\SYSTEM32\kmiihqmb.ini
C:\WINDOWS\system32\kpviwyrb.dll
C:\WINDOWS\system32\krnucbbm.dll
C:\WINDOWS\SYSTEM32\krpejilr.ini
C:\WINDOWS\system32\krqoqleg.dll
C:\WINDOWS\SYSTEM32\kucfyvcq.ini
C:\WINDOWS\system32\kupvydra.dll
C:\WINDOWS\SYSTEM32\lacjhmia.ini
C:\WINDOWS\system32\lcbidetx.dll
C:\WINDOWS\system32\lccfigxt.dll
C:\WINDOWS\system32\lgkrnbqt.dll
C:\WINDOWS\SYSTEM32\lhskseeo.ini
C:\WINDOWS\SYSTEM32\likbqgqo.ini
C:\WINDOWS\SYSTEM32\lobxisox.ini
C:\WINDOWS\system32\lordeqbp.dll
C:\WINDOWS\system32\lpgngthf.dll
C:\WINDOWS\system32\lptqwbku.dll
C:\WINDOWS\system32\lpvyswxu.dll
C:\WINDOWS\SYSTEM32\lrvenlus.ini
C:\WINDOWS\system32\lspshwpt.dll
C:\WINDOWS\SYSTEM32\luohkuvq.ini
C:\WINDOWS\system32\lusamosn.dll
C:\WINDOWS\system32\lxpqdpgd.dll
C:\WINDOWS\SYSTEM32\lyqljtwi.ini
C:\WINDOWS\system32\mbbjlybw.dll
C:\WINDOWS\system32\mbewtaca.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdstnfiv.dll
C:\WINDOWS\SYSTEM32\mimnqapo.ini
C:\WINDOWS\SYSTEM32\mjdvnnit.ini
C:\WINDOWS\system32\mljjhgg.dll
C:\WINDOWS\system32\mlrdamcn.dll
C:\WINDOWS\system32\mpfakmde.dll
C:\WINDOWS\system32\mpuoqfad.dll
C:\WINDOWS\system32\mrbantau.dll
C:\WINDOWS\system32\mrorqvca.dll
C:\WINDOWS\system32\mrscswqk.dll
C:\WINDOWS\SYSTEM32\msrajydx.ini
C:\WINDOWS\system32\mtfbjukg.dll
C:\WINDOWS\system32\mvcxkwsu.dll
C:\WINDOWS\system32\mwiqvvej.dll
C:\WINDOWS\SYSTEM32\mytfukrc.ini
C:\WINDOWS\SYSTEM32\ncmadrlm.ini
C:\WINDOWS\SYSTEM32\ndsmtcfk.ini
C:\WINDOWS\system32\nfhftulo.dll
C:\WINDOWS\SYSTEM32\ngfogvug.ini
C:\WINDOWS\SYSTEM32\nighiccy.ini
C:\WINDOWS\system32\nkfwcnvs.dll
C:\WINDOWS\system32\nktwhnje.dll
C:\WINDOWS\SYSTEM32\nmaaiqvh.ini
C:\WINDOWS\system32\nmyffpid.dll
C:\WINDOWS\system32\nnnnmno.dll
C:\WINDOWS\system32\npjjnhoo.dll
C:\WINDOWS\system32\npnnqgga.dll
C:\WINDOWS\system32\nracbdsg.dll
C:\WINDOWS\system32\ntgxabbu.dll
C:\WINDOWS\system32\nujpiphq.dll
C:\WINDOWS\system32\nvlrdajn.dll
C:\WINDOWS\system32\oamvyfif.dll
C:\WINDOWS\system32\obcjluer.dll
C:\WINDOWS\system32\obmkvhrh.dll
C:\WINDOWS\system32\ocdclxag.dll
C:\WINDOWS\system32\odhfhksj.dll
C:\WINDOWS\system32\odjaqagk.dll
C:\WINDOWS\system32\odqidynf.dll
C:\WINDOWS\SYSTEM32\odspsehw.ini
C:\WINDOWS\system32\oeeskshl.dll
C:\WINDOWS\system32\ollvouwo.dll
C:\WINDOWS\system32\omcktevr.dll
C:\WINDOWS\system32\onvhkukq.dll
C:\WINDOWS\SYSTEM32\oohnjjpn.ini
C:\WINDOWS\system32\opaqnmim.dll
C:\WINDOWS\system32\opnlkig.dll
C:\WINDOWS\system32\opnllij.dll
C:\WINDOWS\system32\opnopml.dll
C:\WINDOWS\system32\oqehngjb.dll
C:\WINDOWS\system32\oqgqbkil.dll
C:\WINDOWS\system32\ouheryeb.dll
C:\WINDOWS\system32\ovmrlftq.dll
C:\WINDOWS\SYSTEM32\ovqhjcrs.ini
C:\WINDOWS\SYSTEM32\owoplhca.ini
C:\WINDOWS\system32\oyuoumuy.dll
C:\WINDOWS\system32\pcwfhqma.dll
C:\WINDOWS\system32\pcywxmeh.dll
C:\WINDOWS\system32\pgarjkyr.dll
C:\WINDOWS\system32\pgbynwqu.dll
C:\WINDOWS\SYSTEM32\phcohexy.ini
C:\WINDOWS\system32\pivgnwwf.dll
C:\WINDOWS\system32\plusftjp.dll
C:\WINDOWS\system32\pmrkqobs.dll
C:\WINDOWS\system32\pmurvftk.dll
C:\WINDOWS\system32\pmuxjwty.dll
C:\WINDOWS\SYSTEM32\pmxtjmdh.ini
C:\WINDOWS\SYSTEM32\ppmtdlyx.ini
C:\WINDOWS\SYSTEM32\psfhfcnf.ini
C:\WINDOWS\system32\puvevyvc.dll
C:\WINDOWS\system32\pvkhuwxo.dll
C:\WINDOWS\SYSTEM32\pvtqlfln.ini
C:\WINDOWS\system32\qcvyfcuk.dll
C:\WINDOWS\SYSTEM32\qkukhvno.ini
C:\WINDOWS\system32\qlibidns.dll
C:\WINDOWS\system32\qmresxwf.dll
C:\WINDOWS\system32\qpitrvus.dll
C:\WINDOWS\system32\qsxbarkg.dll
C:\WINDOWS\system32\qvukhoul.dll
C:\WINDOWS\system32\qxgdajup.dll
C:\WINDOWS\SYSTEM32\qyhyajnd.ini
C:\WINDOWS\SYSTEM32\qypjqupr.ini
C:\WINDOWS\SYSTEM32\rclpejja.ini
C:\WINDOWS\system32\rdebjtyu.dll
C:\WINDOWS\SYSTEM32\reuljcbo.ini
C:\WINDOWS\system32\rfbnwquu.dll
C:\WINDOWS\SYSTEM32\rffiwnpi.ini
C:\WINDOWS\SYSTEM32\rfuqcwee.ini
C:\WINDOWS\system32\rlijeprk.dll
C:\WINDOWS\system32\rnhkgwgm.dll
C:\WINDOWS\system32\rpuqjpyq.dll
C:\WINDOWS\system32\rqronnl.dll
C:\WINDOWS\SYSTEM32\rubqfbyi.ini
C:\WINDOWS\system32\rvfeehky.dll
C:\WINDOWS\system32\rvhajdab.dll
C:\WINDOWS\system32\rvrmoeha.dll
C:\WINDOWS\system32\rvxjuuta.dll
C:\WINDOWS\system32\rwpokqto.dll
C:\WINDOWS\system32\rxahjbxf.dll
C:\WINDOWS\SYSTEM32\rykjragp.ini
C:\WINDOWS\system32\ryrrkcgr.dll
C:\WINDOWS\SYSTEM32\ryvrpjmu.ini
C:\WINDOWS\SYSTEM32\shbxqenf.ini
C:\WINDOWS\system32\sivpwlfd.dll
C:\WINDOWS\SYSTEM32\smsekonh.ini
C:\WINDOWS\system32\soarkccb.dll
C:\WINDOWS\system32\spguythh.dll
C:\WINDOWS\SYSTEM32\spshscsw.ini
C:\WINDOWS\SYSTEM32\sqwmpvbu.ini
C:\WINDOWS\system32\srcjhqvo.dll
C:\WINDOWS\system32\stgncecb.dll
C:\WINDOWS\system32\sulnevrl.dll
C:\WINDOWS\SYSTEM32\suvrtipq.ini
C:\WINDOWS\SYSTEM32\svncwfkn.ini
C:\WINDOWS\system32\swymcdxt.dll
C:\WINDOWS\SYSTEM32\sxcosdie.ini

C:\WINDOWS\system32\syyambqf.dll
C:\WINDOWS\system32\tbkxtsqj.dll
C:\WINDOWS\system32\tediouln.dll
C:\WINDOWS\system32\tinnvdjm.dll
C:\WINDOWS\SYSTEM32\tjcfwkqf.ini
C:\WINDOWS\system32\tkbexydh.dll
C:\WINDOWS\system32\tmojmdqt.dll
C:\WINDOWS\system32\tomcotej.dll
C:\WINDOWS\system32\ttfkaoge.dll
C:\WINDOWS\system32\ttiiueya.dll
C:\WINDOWS\SYSTEM32\ttvmsgqb.ini
C:\WINDOWS\system32\tuvstuv.dll
C:\WINDOWS\system32\tuyymltd.dll
C:\WINDOWS\system32\tvjeqgpq.dll
C:\WINDOWS\system32\txcxecri.dll
C:\WINDOWS\SYSTEM32\txlvyuvu.ini
C:\WINDOWS\system32\txqtwuvt.dll
C:\WINDOWS\SYSTEM32\tyahuvue.ini
C:\WINDOWS\system32\tyrkshda.dll
C:\WINDOWS\SYSTEM32\tyywfxxt.ini
C:\WINDOWS\system32\ucudegfx.dll
C:\WINDOWS\system32\ufxilfgq.dll
C:\WINDOWS\SYSTEM32\uhvphvuw.ini
C:\WINDOWS\SYSTEM32\ukbwqtpl.ini
C:\WINDOWS\system32\ukmkpign.dll
C:\WINDOWS\system32\umeraebp.dll
C:\WINDOWS\system32\umjprvyr.dll
C:\WINDOWS\system32\umrbowoi.dll
C:\WINDOWS\system32\uofsxoid.dll
C:\WINDOWS\system32\uoktgier.dll
C:\WINDOWS\SYSTEM32\uqwnybgp.ini
C:\WINDOWS\SYSTEM32\uuqwnbfr.ini
C:\WINDOWS\system32\uvuyvlxt.dll
C:\WINDOWS\system32\uwqpdksw.dll
C:\WINDOWS\system32\vaokrtxa.dll
C:\WINDOWS\system32\vcipbiov.dll
C:\WINDOWS\SYSTEM32\vewtpkjw.ini
C:\WINDOWS\SYSTEM32\vfdpflrd.ini
C:\WINDOWS\SYSTEM32\vgehdgpe.ini
C:\WINDOWS\system32\vglkxkra.dll
C:\WINDOWS\SYSTEM32\vifntsdm.ini
C:\WINDOWS\SYSTEM32\vkuksrfb.ini
C:\WINDOWS\system32\vmeulkhi.dll
C:\WINDOWS\system32\vobjiupg.dll
C:\WINDOWS\SYSTEM32\vodwjkvq.ini
C:\WINDOWS\SYSTEM32\vvhxuykj.ini
C:\WINDOWS\SYSTEM32\vwtcnfyy.ini
C:\WINDOWS\system32\vyaykexw.dll
C:\WINDOWS\system32\wbghyhni.dll
C:\WINDOWS\system32\whespsdo.dll
C:\WINDOWS\system32\wjkptwev.dll
C:\WINDOWS\system32\wkornwme.dll
C:\WINDOWS\system32\wlprbddg.dll
C:\WINDOWS\system32\wnxsfmye.dll
C:\WINDOWS\SYSTEM32\wpepclvg.ini
C:\WINDOWS\system32\wradtldi.dll
C:\WINDOWS\system32\wwkurfjs.dll
C:\WINDOWS\SYSTEM32\wybdexqa.ini
C:\WINDOWS\system32\xdyjarsm.dll
C:\WINDOWS\SYSTEM32\xfgeducu.ini
C:\WINDOWS\SYSTEM32\xgacqmtc.ini
C:\WINDOWS\SYSTEM32\xhoqlpeq.ini
C:\WINDOWS\system32\xjmvtblc.dll
C:\WINDOWS\system32\xkywanfa.dll
C:\WINDOWS\system32\xncqfawx.dll
C:\WINDOWS\system32\xosixbol.dll
C:\WINDOWS\system32\xpxbotin.dll
C:\WINDOWS\system32\xsvoqenv.dll
C:\WINDOWS\SYSTEM32\xtedibcl.ini
C:\WINDOWS\SYSTEM32\xtkqbkld.ini
C:\WINDOWS\SYSTEM32\xtuxciwk.ini
C:\WINDOWS\system32\xyldtmpp.dll
C:\WINDOWS\system32\yayawxw.dll
C:\WINDOWS\system32\yccihgin.dll
C:\WINDOWS\SYSTEM32\ycedmlat.ini
C:\WINDOWS\SYSTEM32\yfqseowg.ini
C:\WINDOWS\SYSTEM32\ykheefvr.ini
C:\WINDOWS\system32\ypjkxyvg.dll
C:\WINDOWS\system32\ypusfrgw.dll
C:\WINDOWS\system32\yqkugabf.dll
C:\WINDOWS\system32\yspnlldh.dll
C:\WINDOWS\system32\ytyakqts.dll
C:\WINDOWS\system32\yxehochp.dll
C:\WINDOWS\system32\yyfnctwv.dll
C:\WINDOWS\system32\asferro.dll . . . . failed to delete


<pre>
C:\Program Files\McAfee.com\Agent\MCUPDA~1 .EXE ---^> C:\Program Files\McAfee.com\Agent\mcupdate .exe
</pre>
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\LEGACY_MSDIRECTX
-------\LEGACY_NFTKECAA
-------\LEGACY_NPF
-------\ApiMon
-------\nftkecaa


((((((((((((((((((((((((( Files Created from 2008-02-16 to 2008-03-16 )))))))))))))))))))))))))))))))
.

2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 18:41 . 2008-03-14 22:04 1,366,923 ---hs---- C:\WINDOWS\SYSTEM32\nradiffq.ini
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-13 18:33 . 2008-03-13 18:38 1,346,717 ---hs---- C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 19:12 . 2008-03-13 18:33 1,346,570 ---hs---- C:\WINDOWS\SYSTEM32\dnrfhvki.ini
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-08 21:48 . 2008-03-08 21:48 1,307,561 ---hs---- C:\WINDOWS\SYSTEM32\espobsqd.ini
2008-03-08 20:46 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
2008-03-07 21:47 . 2008-03-08 20:48 1,307,648 ---hs---- C:\WINDOWS\SYSTEM32\eqnvihkd.ini
2008-03-06 21:44 . 2008-03-07 18:10 1,306,737 ---hs---- C:\WINDOWS\SYSTEM32\oawvheed.ini
2008-03-05 21:46 . 2008-03-06 17:39 1,307,452 ---hs---- C:\WINDOWS\SYSTEM32\xoifusud.ini
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-03 19:55 . 2008-03-03 19:55 1,302,442 ---hs---- C:\WINDOWS\SYSTEM32\gnopfhwh.ini
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod
2008-02-20 12:09 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
2008-02-19 15:34 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
2008-02-18 12:29 . 2008-02-18 12:29 <DIR> d-------- C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-17 22:33 . 2008-03-14 16:45 <DIR> d-------- C:\Program Files\iTunes
2008-02-17 22:08 . 2008-02-17 22:35 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-17 20:58 . 2008-03-09 19:42 <DIR> d-------- C:\Program Files\Bonjour
2008-02-17 20:53 . 2008-02-17 22:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-17 20:51 . 2008-02-17 20:52 <DIR> d-------- C:\Program Files\Apple Software Update
2008-02-17 20:50 . 2008-01-15 03:39 30,464 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl.sys
2008-02-17 20:48 . 2008-02-17 20:48 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-02-17 20:48 . 2008-02-17 20:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-02-16 17:54 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 21:57 --------- d-----w C:\Program Files\QuickTime
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-14 21:45 --------- d-----w C:\Program Files\DellSupport
2008-03-14 21:44 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-27 05:20 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2008-01-13 19:02 6,656 ----a-w C:\Documents and Settings\no won chong\msdirectx.sys
2007-07-22 00:48 87,248 ----a-w C:\Documents and Settings\in ji chong\Application Data\winantiviruspro2007freeinstall[1].exe
2007-07-15 03:34 6,656 ----a-w C:\Documents and Settings\in hong chong\msdirectx.sys
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
2005-09-27 00:55 26,637 --sha-w C:\WINDOWS\SYSTEM32\ddccb.dll
.

<pre>
----a-w 39,792 2008-03-14 21:27:41 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
----a-w 1,388,544 2008-03-14 21:27:20 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
----a-w 159,832 2008-03-14 21:27:21 C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
----a-w 290,816 2008-03-14 21:27:15 C:\Program Files\Dell\Media Experience\PCMService .exe
----a-w 202,544 2008-03-14 21:28:01 C:\Program Files\Dell Support Center\bin\sprtcmd .exe
----a-w 16,384 2008-03-14 21:27:37 C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
----a-w 460,784 2008-03-14 21:27:56 C:\Program Files\DellSupport\DSAgnt .exe
----a-w 49,152 2008-03-14 21:27:36 C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w 267,048 2008-03-14 21:27:44 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 32,881 2008-03-14 21:27:07 C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
----a-w 303,104 2008-03-14 21:27:16 C:\Program Files\McAfee.com\Agent\mcagent .exe
----a-w 212,992 2008-03-14 21:26:42 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-02 04:10:36 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-01 23:19:01 C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w 1,327,104 2008-03-14 21:27:23 C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
----a-w 139,264 2008-03-14 21:27:14 C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
----a-w 180,224 2008-03-14 21:27:18 C:\Program Files\McAfee.com\VSO\mcvsshld .exe
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 385,024 2008-03-10 00:56:47 C:\Program Files\QuickTime\qttask .exe
----a-w 26,112 2008-02-17 22:03:32 C:\Program Files\Real\RealPlayer\RealPlay .exe
----a-w 53,248 2008-03-14 21:27:33 C:\Program Files\SmileyDistrict\plugin .exe
----a-w 15,360 2008-03-10 00:04:21 C:\WINDOWS\SYSTEM32\ctfmon .exe
----a-w 77,824 2008-03-14 21:27:31 C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w 114,688 2008-03-14 21:27:33 C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w 94,208 2008-03-14 21:27:24 C:\WINDOWS\SYSTEM32\igfxtray .exe
</pre>


-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE0F20D5-B451-4EF0-8E6B-35C2816EE53D}]
C:\WINDOWS\system32\jkhhf.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"fresxstyle"="lockbar.exe" []
"MSI Configuration"="msiconf.exe" []
"SpyShredder"="C:\Program Files\SpyShredder\SpyShredder.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"fresxstyle"="lockbar.exe" []
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"0cf5bf5f"="C:\WINDOWS\system32\qffidarn.dll" [ ]
"combofix"="C:\WINDOWS\system32\CF15340.exe" [2004-08-04 06:00 388608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"="lockbar.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
awtstuu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]
vtsqo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - NFTKECAA
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 17:05:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2008-03-16 17:11:56 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-16 22:11:52
.
2008-02-14 00:18:51 --- E O F ---

Hi

Please do the following :-

Please Download CCleaner from :-

http://www.filehippo.com/download_ccleaner/ (click the download tab)

During the installation be sure to UN-check the box for "Ccleaner Yahoo Toolbar" unless you want it.

doubleclick the ccsetup.exe file and install the program...

After installing, go to Start > programs > CCleaner > Options > Advanced > UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

Make sure the "windows" tab is selected

Under "internet explorer" tick...

Temporary internet files
Cookies* > see Note below
History
Recently typed URL's (leave this unticked if you DON'T want to clear the drop down list in the address window of IE)
Delete index.dat files
Last download location
Autocomplete form history


under "Windows explorer" these are optional, but you can safely tick them all if you wish, they are only "most recently used lists"

Other explorer MRU's (leave this unticked if you DON'T want to clear lists such as the start\run list)

under "System"

Tick ALL these ...


under "Advanced"

no need to tick any of these (but you can if you want, and realise what they do)


Applications tab...

These will mostly clean out old log files for these applications...

Clean:- (if you use them)

Firefox/Mozilla (optional - leave the cookies - see note)
Opera
Sun Java
ZoneAlarm
...
Personally I clean everything in the applications tab... but you tick what you want...

Note: *If there are any cookies you want to keep (if you remove the cookie for a site you require a password for, you will need to re-enter your password when you next visit that site) ... click options > cookies > then keep the cookies you want.

click "analyse" if you want to see a list of what is going to be removed, before it is removed.

Or

click "run cleaner" to let it get on with it's work... clicking this will result in the following pop-up

"This process will permanently delete files from your system. Are you sure you wish to proceed?"

click OK.

THEN ...

Download Superantispyware.

http://www.superantispyware.com/

Once downloaded and installed update the definitions
and then run a full system scan quarantine what it finds!

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)

http://www.superantispyware.com/definitions.html

* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.

Please remember to post :-

The SUPERAntiSpyware Scan Log

steam

I see you have multiple user accounts ...

Please run Ccleaner on each account,

eun soon chong
in hong chong
in ji chong
no won chong

steam

Hi steamwhiz, thanks for replying so quickly. I ran Ccleaner for each account. Here is my SUPERAntiSpyware Report:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/17/2008 at 09:07 PM

Application Version : 4.0.1154

Core Rules Database Version : 3421
Trace Rules Database Version: 1413

Scan type : Complete Scan
Total Scan Time : 01:02:10

Memory items scanned : 371
Memory threats detected : 0
Registry items scanned : 5272
Registry threats detected : 33
File items scanned : 70831
File threats detected : 2410

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{0E4A5D5B-275C-4EEF-9C3D-163B28A0A0EF}
HKCR\CLSID\{0E4A5D5B-275C-4EEF-9C3D-163B28A0A0EF}
HKCR\CLSID\{0E4A5D5B-275C-4EEF-9C3D-163B28A0A0EF}\InprocServer32
HKCR\CLSID\{0E4A5D5B-275C-4EEF-9C3D-163B28A0A0EF}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\JKHHF.DLL
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AJJEPLCR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BQGSMVTT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BSDBMWNE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DAVEOYUD.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DRLFPDFV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EUVUHAYT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FNCFHFSP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GUVGOFGN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GVLCPEPW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GWOESQFY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HKKNRSRI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IDRKOHXE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IPNWIFFR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JCQWUOAF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JLBPLWRJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KFCTMSDN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KIHTPNEK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KUPVYDRA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MPUOQFAD.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OPAQNMIM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OQGQBKIL.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PGARJKYR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PGBYNWQU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QCVYFCUK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QVUKHOUL.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RFBNWQUU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RLIJEPRK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RPUQJPYQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UVUYVLXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WHESPSDO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WJKPTWEV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WLPRBDDG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XYLDTMPP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YCCIHGIN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YSPNLLDH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YYFNCTWV.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113906.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138773.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138789.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138790.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138807.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138821.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138838.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138847.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138863.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138864.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138865.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138874.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138881.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138883.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138889.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138893.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138905.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138906.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138911.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138928.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138957.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138962.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138968.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138969.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138977.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138982.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138985.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138986.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138988.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139027.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139036.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139037.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139039.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139050.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139052.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139056.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139059.DLL

MyWay Search Assistant Computers
HKLM\Software\Classes\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\Programmable
C:\PROGRAM FILES\MYWAYSA\SRCHASDE\1.BIN\DESRCAS.DLL
HKLM\Software\Classes\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Control
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\MiscStatus
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\MiscStatus\1
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\ProgID
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Programmable
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\TypeLib
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Version
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\VersionIndependentProgID
HKLM\Software\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\Programmable
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKU\S-1-5-21-2424113687-766625981-3052225528-1006\Software\Microsoft\Internet Explorer\URLSearchHooks#{4D25F926-B9FE-4682-BF72-8AB8210D6D75}

Malware.SpyShredder
HKU\S-1-5-21-2424113687-766625981-3052225528-1006\Software\SpyShredder
HKU\S-1-5-21-2424113687-766625981-3052225528-1006\Software\Microsoft\Windows\CurrentVersion\Run#SpyShredder [ C:\Program Files\SpyShredder\SpyShredder.exe ]

Trojan.NtRootK-F
C:\DOCUMENTS AND SETTINGS\IN HONG CHONG\MSDIRECTX.SYS
C:\DOCUMENTS AND SETTINGS\NO WON CHONG\MSDIRECTX.SYS

Trojan.Smitfraud Variant
C:\DOCUMENTS AND SETTINGS\IN JI CHONG\APPLICATION DATA\WINANTIVIRUSPRO2007FREEINSTALL[1].EXE

Malware.DriveCleaner
C:\DOCUMENTS AND SETTINGS\IN JI CHONG\MY DOCUMENTS\INSTALLDRIVECLEANERSTART.EXE

Trojan.Vundo/Variant-Installer/B
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\IN HONG CHONG\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER .EXE.VIR
C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\IN HONG CHONG\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER .EXE.VIR
C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\IN HONG CHONG\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER .EXE.VIR
C:\QOOBOX\QUARANTINE\C\DOCUMENTS AND SETTINGS\IN HONG CHONG\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\MCAFEE.COM\AGENT\MCUPDA~1.EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK .EXE.VIR
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\QUICKTIME\QTTASK.EXE.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JKHHF.EXE.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120435.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120436.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120438.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120440.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120441.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120442.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120444.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120445.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120446.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120447.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120449.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120450.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120451.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120452.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120453.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120455.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120456.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120457.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120458.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120459.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120461.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120462.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120463.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120478.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120498.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120520.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120522.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120546.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120564.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120565.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120566.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120568.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120569.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120570.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120571.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120572.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120573.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120574.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120581.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120582.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120583.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120586.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120587.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120588.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120590.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120591.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120592.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120594.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120596.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120597.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120598.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120625.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120641.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120661.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120662.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120663.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120664.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120666.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120667.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120668.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120669.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120672.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120674.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120675.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120678.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120679.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120680.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120682.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120683.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120685.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120686.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120687.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120689.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120690.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120691.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120692.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120733.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120753.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120754.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120755.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120756.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120758.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120759.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120760.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120761.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120763.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120764.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120765.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120767.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120768.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120769.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120770.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120771.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120772.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120773.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120775.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120776.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120778.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120779.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120780.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120827.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120852.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120853.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120854.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120855.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120856.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120858.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120859.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120860.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120862.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120865.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120867.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120871.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120873.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120875.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120876.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120877.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120878.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120879.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120881.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120882.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120883.EXE

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120884.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120885.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120888.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120889.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120928.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120951.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120952.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120953.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120955.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120956.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120957.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120958.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120960.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120961.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120962.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120963.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120964.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120965.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120966.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120967.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120968.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120969.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120970.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120972.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120974.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120976.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120977.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120978.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120979.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120980.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120981.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0120982.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121021.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121023.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121030.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121041.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121058.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121059.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121060.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121061.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121062.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121063.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121064.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121065.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121067.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121069.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121071.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121072.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121075.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121078.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121079.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121082.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121083.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121085.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121086.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121087.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121090.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121091.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121093.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121094.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121095.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121097.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121098.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121121.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121144.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121160.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121161.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121162.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121163.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121164.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121165.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121166.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121167.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121168.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121169.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121170.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121172.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121173.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121175.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121177.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121184.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121185.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121186.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121188.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121191.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121192.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121194.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121195.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121198.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121200.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121201.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121227.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121241.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121260.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121261.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121262.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121263.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121264.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121265.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121266.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121267.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121268.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121269.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121274.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121276.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121277.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121279.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121281.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121282.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121283.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121285.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121286.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121289.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121290.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121291.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121292.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121294.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121295.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121297.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121298.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121299.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121301.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121320.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121333.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121345.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp151\a0121365.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121374.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121397.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121398.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121399.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121400.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121401.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121402.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121403.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121404.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121405.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121406.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121408.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121409.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121410.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121411.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121412.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121413.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121416.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121420.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121422.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121425.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121427.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121428.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121429.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121430.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121433.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121435.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121436.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121437.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121438.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121439.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121467.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121468.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121469.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121470.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121471.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121472.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121473.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121474.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121475.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121477.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121478.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121479.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121480.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121481.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121482.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121483.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121486.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121487.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121488.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121490.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121491.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121492.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121493.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121495.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121496.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121497.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121498.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121537.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp152\a0121549.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121654.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121677.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121678.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121680.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121681.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121682.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121683.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121684.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121685.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121686.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121688.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121693.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121694.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121695.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121700.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121701.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121705.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121708.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121710.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121711.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121712.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121713.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121716.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121717.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121718.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121719.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121720.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0121750.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122638.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122668.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122686.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122687.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122688.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122689.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122690.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122691.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122692.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122693.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122694.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122695.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122702.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122703.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122704.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122705.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122708.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122711.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122712.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122714.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122716.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122717.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122718.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122720.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122721.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122723.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122724.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122725.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122726.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122727.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122751.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122763.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122764.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122766.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122767.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122769.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122770.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122771.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122772.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122773.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122775.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122776.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122777.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122779.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122780.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122781.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122782.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122783.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122784.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122785.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122788.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122791.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122796.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122800.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122802.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122806.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0122843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123787.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123803.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123806.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123807.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123809.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123810.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123811.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123812.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123813.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123816.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123817.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123821.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123824.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123825.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123826.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123829.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123831.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123832.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123837.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123838.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123841.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123842.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123844.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123845.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123847.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123850.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123851.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp153\a0123852.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp154\a0124197.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124574.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124791.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124793.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124794.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124796.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124797.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124798.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124799.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124800.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124801.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124802.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124803.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124807.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124809.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124810.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124811.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124812.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124814.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124816.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124817.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124824.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124825.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124826.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124832.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124833.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124835.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124836.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124839.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124904.rbf
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124921.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124927.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124928.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124929.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124931.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124932.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124933.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124934.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124935.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124936.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124937.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124938.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124939.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124940.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124941.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124942.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124943.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124944.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124946.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124947.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124949.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124952.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124954.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124955.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124956.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124959.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124960.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124961.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124963.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124964.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124966.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124967.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124969.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124971.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124972.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124973.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp156\a0124992.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125929.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125930.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125931.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125932.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125933.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125934.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125935.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125936.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125937.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125938.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125939.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125940.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125941.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125942.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125943.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125944.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125946.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125948.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125949.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125950.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125951.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125952.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125954.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125955.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125956.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125957.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125959.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125960.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125961.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125962.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125964.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125965.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125967.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp157\a0125975.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126036.rbf
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126180.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126182.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126183.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126184.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126185.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126186.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126187.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126188.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126189.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126190.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126192.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126194.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126195.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126196.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126197.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126198.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126199.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126200.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126202.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126203.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126204.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126205.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126206.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126207.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126209.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126213.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126215.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126217.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126219.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126220.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126221.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126222.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126223.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126224.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126226.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126228.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0126229.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127176.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127200.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127202.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127203.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127204.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127205.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127209.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127210.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127211.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127214.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127215.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127216.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127217.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127219.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127221.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127222.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127223.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127224.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127225.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127226.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127228.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127230.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127231.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127232.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127233.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127234.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127237.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127238.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127239.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127240.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127241.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127243.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127244.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127246.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127247.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127248.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127249.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp158\a0127250.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127287.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127301.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127311.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127313.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127314.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127315.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127316.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127317.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127318.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127319.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127320.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127321.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127322.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127323.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127325.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127326.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127327.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127328.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127331.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127332.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127333.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127337.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127338.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127339.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127341.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127342.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127344.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127347.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127348.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127349.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127350.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127351.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127352.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127353.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127356.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127357.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127358.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127387.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127388.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127389.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127390.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127391.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127392.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127393.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127394.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127395.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127396.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127397.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127398.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127399.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127400.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127401.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127402.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127403.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127404.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127406.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127407.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127408.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127409.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127410.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127411.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127413.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127414.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127415.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127416.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127418.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127420.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127421.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127425.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127426.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127428.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127429.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127431.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127432.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127472.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127477.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127483.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127484.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127485.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127486.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127487.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127488.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127489.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127490.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127491.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127492.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127493.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127494.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127495.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127496.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127497.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127498.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127499.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127500.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127501.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127502.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127503.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127505.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127506.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127508.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127509.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127510.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127511.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127512.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127513.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127516.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127517.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127519.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127521.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127522.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127524.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127526.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127527.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127529.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127530.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127531.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127569.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127586.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127624.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127627.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127628.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127638.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127644.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127650.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127654.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127656.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127659.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127660.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127661.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127710.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127728.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127741.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127742.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127743.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127744.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127746.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127747.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127750.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127752.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127753.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127755.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127756.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127757.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127759.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127760.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127761.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127762.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127763.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127765.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127766.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127769.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127770.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127772.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127773.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127774.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127775.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127776.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127777.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127778.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127782.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127787.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127788.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127790.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127793.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127794.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127797.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127798.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127799.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127831.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127842.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127844.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127845.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127846.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127847.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127848.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127849.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127850.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127852.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127854.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127856.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127857.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127858.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127861.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127862.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127863.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127864.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127866.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127869.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127870.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127871.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127872.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127873.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127874.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127875.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127878.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127879.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127881.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127883.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127884.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127886.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127887.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127889.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127890.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127891.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127892.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127894.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127896.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127897.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127900.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127901.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127902.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127903.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127926.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127950.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127952.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127953.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127954.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127955.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127956.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127957.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127960.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127961.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127962.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127967.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127968.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127969.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127970.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127971.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127973.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127974.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127976.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127977.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127978.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127979.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127980.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127981.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127984.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127985.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127986.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127987.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127988.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127989.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127991.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127994.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127995.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0127997.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128001.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128002.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128003.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128004.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128005.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128006.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128008.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128009.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128010.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128018.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128948.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128969.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0128986.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129004.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129019.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129020.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129021.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129022.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129023.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129024.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129025.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129026.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129027.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129031.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129032.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129035.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129036.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129037.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129038.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129040.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129041.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129042.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129043.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129044.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129045.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129046.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129048.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129049.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129050.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129051.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129053.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129054.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129055.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129056.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129059.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129061.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129062.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129065.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129066.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129068.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129069.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129071.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129072.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129075.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129076.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129078.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129080.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129081.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129082.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129083.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129084.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129085.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129109.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129111.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129130.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129132.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129133.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129134.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129135.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129136.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129137.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129138.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129139.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129140.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129141.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129142.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129143.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129144.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129145.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129146.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129147.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129148.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129149.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129151.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129152.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129153.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129154.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129155.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129156.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129157.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129158.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129159.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129160.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129161.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129169.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129170.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129171.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129173.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129176.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129177.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129179.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129182.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129184.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129185.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129186.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129188.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129189.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129191.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129192.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129193.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129194.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129195.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129196.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129199.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129200.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129243.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129244.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0129275.rbf
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130141.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130160.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130162.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130163.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130166.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130171.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130174.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130175.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130176.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130177.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130179.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130180.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130182.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130184.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130185.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130186.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130187.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130188.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130189.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130191.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130192.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130193.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130195.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130196.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130198.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130199.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130202.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130203.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130204.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130205.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130206.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130207.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130208.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130211.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130213.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130215.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130216.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130217.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130219.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130220.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130221.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130222.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130223.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130231.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130232.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130233.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130234.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130235.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130236.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130237.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130238.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130239.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130240.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130241.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130242.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130243.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130244.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130245.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130246.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130247.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130248.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130249.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130250.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130251.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130252.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130253.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130254.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130255.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130258.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0130259.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131137.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131155.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131156.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131158.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131159.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131160.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131161.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131162.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131163.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131167.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131169.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131170.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131174.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131175.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131176.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131179.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131180.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131182.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131184.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131186.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131188.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131189.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131226.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131228.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131241.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131264.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131265.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131266.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131268.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131271.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131273.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131275.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131278.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131279.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131280.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131282.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131283.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131284.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131287.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131289.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131290.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131291.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131294.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131296.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131297.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131298.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131299.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131300.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131301.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131302.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131315.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131334.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131347.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131348.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131349.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131350.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131352.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131355.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131356.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131357.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131359.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131363.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131364.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131365.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131367.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131368.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131371.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131374.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131375.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131378.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131379.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131380.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131381.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131382.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131384.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131385.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131388.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131389.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131391.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131399.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131430.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131431.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131457.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131458.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131481.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131482.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131483.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131484.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131485.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131487.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131488.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131493.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131495.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131496.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131497.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131500.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131505.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131506.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131508.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131509.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131513.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131515.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131519.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131520.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131522.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131523.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131524.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131525.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131526.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131528.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131529.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131530.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0131532.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132459.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132468.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132469.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132470.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132471.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132472.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132473.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132479.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132480.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132481.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132484.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132485.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132486.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132487.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132491.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132493.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132494.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132495.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132496.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132497.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132498.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132502.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132503.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132506.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132507.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132508.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132509.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132511.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132512.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132514.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132516.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132517.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132537.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132538.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132539.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132540.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132541.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132542.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132544.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132545.exe

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132546.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132547.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132548.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132551.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132585.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132593.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132594.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132596.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132650.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133582.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134601.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134624.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134673.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135595.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135616.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135638.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135644.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135656.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135664.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135665.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135696.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135700.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135701.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135702.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135703.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135704.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135705.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135706.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135780.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136991.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136998.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136999.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137000.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137654.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137659.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137661.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137700.exe

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137701.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137702.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137703.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137704.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137716.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137721.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137722.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137725.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137727.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137728.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137729.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137730.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137732.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137733.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138632.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138638.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138646.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138678.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138679.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138681.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138692.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138693.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138696.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138750.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138751.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138752.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138755.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139184.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139185.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139186.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139187.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139188.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139189.EXE

Trojan.Downloader-SpyTool
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ACSQSWEX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AJINAYEY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AQVTJXWA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYGYWTHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCXNFSC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ENCEHYLX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JATKCPVM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JPJUNXOU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MRBANTAU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ODHFHKSJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TXQTWUVT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WBGHYHNI.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138769.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138772.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138776.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138778.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138833.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138834.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138887.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138897.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138929.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138950.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139017.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139035.DLL

Trojan.Downloader-CREW
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEPWLKBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEYMFDXC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\APQHTUDT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYMYDQUR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BBWLIDJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BHOTIGGF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BJDOUVUC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BTCXTEWP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BVTYJOWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFELXTRS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFPKYYDB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CGFRYFKQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNXHSCRY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CQQEVDNM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CWRHGMTR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CXLPKHGP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CYSHLDWU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNIUGREU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNSLCHWB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPCTQYXQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPTQNCRJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DQGKCIOC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DTWQEPII.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DYYVNPAW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EJUJGQMC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ELLTTSWY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCNNXOS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EVONDEVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FBAQRIXJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHSJKLVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHWEPGLV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FILGUPRL.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FODWCMJN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FXNTHWST.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FYFIRBVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GCWQQVYP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GTUYYLWJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBLHGFCA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBRQCJNV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HFITGQWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HIWMLNJO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HRQHBWVS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HTTXPWNB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IQVBSBCE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JCILJEKF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JDSGKRPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JKNJWXAS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JMTSNHYR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JNNHSNDN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JTGNRWYH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JUKDYEJG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JVDUOAYW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KANXIVVQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KMDYRWEO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KRQOQLEG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LCCFIGXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LORDEQBP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LSPSHWPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LUSAMOSN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBBJLYBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBEWTACA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MPFAKMDE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MVCXKWSU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NFHFTULO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NPNNQGGA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OLLVOUWO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OMCKTEVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OUHERYEB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OVMRLFTQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PCYWXMEH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PIVGNWWF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PLUSFTJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMRKQOBS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMUXJWTY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PUVEVYVC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QLIBIDNS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QSXBARKG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RDEBJTYU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RNHKGWGM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SIVPWLFD.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SWYMCDXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TBKXTSQJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TEDIOULN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TKBEXYDH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TOMCOTEJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TTFKAOGE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TVJEQGPQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TYRKSHDA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOFSXOID.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOKTGIER.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UWQPDKSW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VAOKRTXA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VCIPBIOV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VGLKXKRA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VMEULKHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VOBJIUPG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WRADTLDI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XKYWANFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XNCQFAWX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XSVOQENV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YPUSFRGW.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138770.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138771.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138779.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138781.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138785.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138787.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138791.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138792.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138794.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138795.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138796.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138798.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138800.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138803.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138804.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138805.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138815.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138817.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138818.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138819.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138820.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138822.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138824.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138829.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138831.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138832.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138839.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138842.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138844.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138845.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138846.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138850.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138854.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138855.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138857.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138862.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138868.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138869.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138871.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138872.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138877.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138878.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138884.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138888.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138890.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138891.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138895.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138896.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138898.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138899.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138900.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138902.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138907.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138910.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138913.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138915.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138919.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138920.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138922.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138923.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138927.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138933.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138935.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138941.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138954.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138955.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138963.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138964.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138967.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138970.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138971.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138972.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138974.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138975.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138978.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138981.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138984.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138987.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138997.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139003.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139005.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139006.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139008.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139010.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139011.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139015.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139018.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139025.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139026.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139029.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139030.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139031.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139032.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139033.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139041.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139045.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139046.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139049.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139054.DLL
C:\WINDOWS\SYSTEM32\KCAAMNGA.DLL
C:\WINDOWS\SYSTEM32\NBUTFNDQ.DLL
C:\WINDOWS\SYSTEM32\NELWIIPD.DLL
C:\WINDOWS\SYSTEM32\OQFMNLXA.DLL
C:\WINDOWS\SYSTEM32\RGCUHIPU.DLL
C:\WINDOWS\SYSTEM32\ULHFXUAD.DLL

Trojan.Unknown Origin
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AMSTREA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ATL7.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\C.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CMPROP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNVFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DX3.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138763.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138764.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138765.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138766.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138767.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138768.DLL

Trojan.Download-Gen/N_BHO
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP131\A0108028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114056.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114083.DLL

Trojan.Downloader-Gen/LIB
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113904.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113905.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113907.DLL

Trojan.Unclassified-Packed/Suspicious
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114393.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114801.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129095.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131538.DLL

Adware.eZula
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP136\A0115356.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135707.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135710.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135711.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135712.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135713.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135714.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135715.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135717.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135727.EXE

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135728.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135729.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135730.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135731.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135732.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135733.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135735.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135736.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135739.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135740.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135742.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135743.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135744.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135745.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135746.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135748.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135750.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135752.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135753.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135755.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135756.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135757.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135758.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135759.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135760.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135761.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135762.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135763.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135764.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135765.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135766.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135770.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135771.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135772.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135773.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135774.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135776.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135777.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135781.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135782.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135783.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135785.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135786.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135788.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135789.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135790.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135791.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135793.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135794.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135797.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135798.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135799.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135800.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135801.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135802.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135803.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135806.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135807.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135809.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135811.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135812.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135813.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135814.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135815.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135816.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135817.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135819.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135820.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135821.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135822.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135823.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135824.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135825.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135827.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135828.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135831.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135832.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135833.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135834.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135835.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135836.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135837.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135838.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135839.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135840.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135841.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135842.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135844.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135845.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135848.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135850.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135851.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135853.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135854.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135856.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135857.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135858.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135859.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135860.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135862.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135863.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135864.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135865.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135866.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135867.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135868.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135869.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135870.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135871.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135873.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135874.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135875.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135876.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135877.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135878.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135880.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135882.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135883.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135884.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135885.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135886.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135888.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135889.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135890.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135891.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135892.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135893.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135896.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135897.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135898.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135899.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135901.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135902.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135903.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135904.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135906.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135907.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135909.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135910.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135911.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135912.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135914.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135915.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135916.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135918.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135919.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135920.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135921.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135922.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135923.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135925.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135927.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135928.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135929.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135930.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135931.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135932.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135933.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135934.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135935.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135936.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135937.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135938.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135939.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135940.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135941.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135942.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135943.exe

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135944.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135945.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135946.EXE
C:\WINDOWS\SYSTEM32\CSKFMMOD.EXE
C:\WINDOWS\SYSTEM32\TOQMVAPJ.EXE

Adware.WhenU
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP149\A0119985.EXE

Trojan.Downloader-Gen/HardFall
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120430.DLL

Trojan.Downloader-Gen/DDC
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120484.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120497.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120519.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120545.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120640.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120825.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120927.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121039.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121143.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121239.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121343.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121373.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121547.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121652.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122666.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122842.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123767.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123786.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127175.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127300.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127568.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127585.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127829.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127925.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128029.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128947.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128967.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128985.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129003.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130140.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131135.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131214.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132458.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132584.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133581.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137715.EXE
C:\WINDOWS\SYSTEM32\ABOPKXNN.EXE
C:\WINDOWS\SYSTEM32\ABRMUKXQ.EXE
C:\WINDOWS\SYSTEM32\ADNEYROS.EXE
C:\WINDOWS\SYSTEM32\AICUUPCL.EXE
C:\WINDOWS\SYSTEM32\AJAFTLUV.EXE
C:\WINDOWS\SYSTEM32\AJQKHTNJ.EXE
C:\WINDOWS\SYSTEM32\ASQNYAXS.EXE
C:\WINDOWS\SYSTEM32\AUPQYFOX.EXE
C:\WINDOWS\SYSTEM32\AXUSURMA.EXE
C:\WINDOWS\SYSTEM32\BELYHISU.EXE
C:\WINDOWS\SYSTEM32\BODFUBGB.EXE
C:\WINDOWS\SYSTEM32\BUTYSGYW.EXE
C:\WINDOWS\SYSTEM32\BXVXBQLT.EXE
C:\WINDOWS\SYSTEM32\CAADWCLU.EXE
C:\WINDOWS\SYSTEM32\CBDLHXKQ.EXE
C:\WINDOWS\SYSTEM32\CGNFGLUO.EXE
C:\WINDOWS\SYSTEM32\CHHJGKLX.EXE
C:\WINDOWS\SYSTEM32\CHPRIHUS.EXE
C:\WINDOWS\SYSTEM32\CHWMTECM.EXE
C:\WINDOWS\SYSTEM32\CIOFSJXK.EXE
C:\WINDOWS\SYSTEM32\CIVTYLOH.EXE
C:\WINDOWS\SYSTEM32\CLFMBVIH.EXE
C:\WINDOWS\SYSTEM32\CMLRRDIO.EXE
C:\WINDOWS\SYSTEM32\CNUXFJFU.EXE
C:\WINDOWS\SYSTEM32\CPUWBVLS.EXE
C:\WINDOWS\SYSTEM32\CQFGVHHS.EXE
C:\WINDOWS\SYSTEM32\CSKOCLBQ.EXE
C:\WINDOWS\SYSTEM32\CSKSNKPO.EXE
C:\WINDOWS\SYSTEM32\CVCFGYXC.EXE
C:\WINDOWS\SYSTEM32\CVWVUKWI.EXE
C:\WINDOWS\SYSTEM32\CXOKBMHQ.EXE
C:\WINDOWS\SYSTEM32\DHLNWHWB.EXE
C:\WINDOWS\SYSTEM32\DIHQVAMA.EXE
C:\WINDOWS\SYSTEM32\DLYNUCSM.EXE
C:\WINDOWS\SYSTEM32\DOQETALD.EXE
C:\WINDOWS\SYSTEM32\DPCJHGKL.EXE
C:\WINDOWS\SYSTEM32\DPLILKAI.EXE
C:\WINDOWS\SYSTEM32\DSDJXBTU.EXE
C:\WINDOWS\SYSTEM32\DTMGKLDT.EXE
C:\WINDOWS\SYSTEM32\DTWQTQXX.EXE
C:\WINDOWS\SYSTEM32\DUKOIDVG.EXE
C:\WINDOWS\SYSTEM32\DVLYDUDR.EXE
C:\WINDOWS\SYSTEM32\DXPORYOE.EXE
C:\WINDOWS\SYSTEM32\DYPYLIRP.EXE
C:\WINDOWS\SYSTEM32\EAQCGYOO.EXE
C:\WINDOWS\SYSTEM32\ECPBSKLW.EXE
C:\WINDOWS\SYSTEM32\EDKGSODR.EXE
C:\WINDOWS\SYSTEM32\EFMAGKXX.EXE
C:\WINDOWS\SYSTEM32\EFNVEAIX.EXE
C:\WINDOWS\SYSTEM32\EFUPAJQN.EXE
C:\WINDOWS\SYSTEM32\EIVPLOVL.EXE
C:\WINDOWS\SYSTEM32\ETJWCTDE.EXE
C:\WINDOWS\SYSTEM32\ETSSXFBN.EXE
C:\WINDOWS\SYSTEM32\EVEODDHJ.EXE
C:\WINDOWS\SYSTEM32\EXKOEBKK.EXE
C:\WINDOWS\SYSTEM32\EYVBHFYX.EXE
C:\WINDOWS\SYSTEM32\FAWUXLKC.EXE
C:\WINDOWS\SYSTEM32\FDMIYBCR.EXE
C:\WINDOWS\SYSTEM32\FITPMATB.EXE
C:\WINDOWS\SYSTEM32\FLEHWQMP.EXE
C:\WINDOWS\SYSTEM32\FNWISJYI.EXE
C:\WINDOWS\SYSTEM32\FTELINOP.EXE
C:\WINDOWS\SYSTEM32\FTIUDBXJ.EXE
C:\WINDOWS\SYSTEM32\GFCKFDOW.EXE
C:\WINDOWS\SYSTEM32\GFDECLTK.EXE
C:\WINDOWS\SYSTEM32\GFRQBMIW.EXE
C:\WINDOWS\SYSTEM32\GHXBJDYT.EXE
C:\WINDOWS\SYSTEM32\GJFFCFET.EXE
C:\WINDOWS\SYSTEM32\GJYJQHID.EXE
C:\WINDOWS\SYSTEM32\GOMDNEFD.EXE
C:\WINDOWS\SYSTEM32\GTIQWSEF.EXE
C:\WINDOWS\SYSTEM32\GUVASNDS.EXE
C:\WINDOWS\SYSTEM32\GUVTNWIN.EXE
C:\WINDOWS\SYSTEM32\GVQNEDOO.EXE
C:\WINDOWS\SYSTEM32\HDXTFJDY.EXE
C:\WINDOWS\SYSTEM32\HEETIFVW.EXE
C:\WINDOWS\SYSTEM32\HFETVTWF.EXE
C:\WINDOWS\SYSTEM32\HFRVYKSC.EXE
C:\WINDOWS\SYSTEM32\HFSGDSHB.EXE
C:\WINDOWS\SYSTEM32\HHVXTUKU.EXE
C:\WINDOWS\SYSTEM32\HIOAXNVO.EXE
C:\WINDOWS\SYSTEM32\HKLPBYGN.EXE
C:\WINDOWS\SYSTEM32\HLERJSYX.EXE
C:\WINDOWS\SYSTEM32\HOERRTEC.EXE
C:\WINDOWS\SYSTEM32\HPIBDNPI.EXE
C:\WINDOWS\SYSTEM32\HSFGUMCC.EXE
C:\WINDOWS\SYSTEM32\HTJNNCPQ.EXE
C:\WINDOWS\SYSTEM32\HTKHAHMR.EXE
C:\WINDOWS\SYSTEM32\HTUJEFMN.EXE
C:\WINDOWS\SYSTEM32\IFAIUORN.EXE
C:\WINDOWS\SYSTEM32\IGBMVWHH.EXE
C:\WINDOWS\SYSTEM32\IHCYNRWG.EXE
C:\WINDOWS\SYSTEM32\IHOHYFUC.EXE
C:\WINDOWS\SYSTEM32\IKCOWHKA.EXE
C:\WINDOWS\SYSTEM32\ILBXNTWP.EXE
C:\WINDOWS\SYSTEM32\INBBODRF.EXE
C:\WINDOWS\SYSTEM32\INJUNTFM.EXE
C:\WINDOWS\SYSTEM32\IODBUCUI.EXE
C:\WINDOWS\SYSTEM32\IRHCKNRM.EXE
C:\WINDOWS\SYSTEM32\IVIJCKKV.EXE
C:\WINDOWS\SYSTEM32\JFTRFCQD.EXE
C:\WINDOWS\SYSTEM32\JHFNVIQU.EXE
C:\WINDOWS\SYSTEM32\JIBGVBER.EXE
C:\WINDOWS\SYSTEM32\JKQJUQKC.EXE
C:\WINDOWS\SYSTEM32\JQNIUBCS.EXE
C:\WINDOWS\SYSTEM32\JSCYLVJK.EXE
C:\WINDOWS\SYSTEM32\JTTGMHAH.EXE
C:\WINDOWS\SYSTEM32\JWJEERXD.EXE
C:\WINDOWS\SYSTEM32\JYEULJMF.EXE
C:\WINDOWS\SYSTEM32\KGPYAVGW.EXE
C:\WINDOWS\SYSTEM32\KMGUVNSE.EXE
C:\WINDOWS\SYSTEM32\KSLLYBPE.EXE
C:\WINDOWS\SYSTEM32\KTEGFYCP.EXE
C:\WINDOWS\SYSTEM32\KUFNQQUD.EXE
C:\WINDOWS\SYSTEM32\LBCIDWTH.EXE
C:\WINDOWS\SYSTEM32\LENIXRCG.EXE
C:\WINDOWS\SYSTEM32\LJTKXFHM.EXE
C:\WINDOWS\SYSTEM32\LNQDXGDF.EXE
C:\WINDOWS\SYSTEM32\LPLEOBUJ.EXE
C:\WINDOWS\SYSTEM32\LPNSYBRT.EXE
C:\WINDOWS\SYSTEM32\LQQBMVUL.EXE
C:\WINDOWS\SYSTEM32\LRAVHFCH.EXE
C:\WINDOWS\SYSTEM32\LSYIHBOI.EXE
C:\WINDOWS\SYSTEM32\LWNOUNVE.EXE
C:\WINDOWS\SYSTEM32\LXNBOQLD.EXE
C:\WINDOWS\SYSTEM32\MHVIUPFA.EXE
C:\WINDOWS\SYSTEM32\MJDYESHR.EXE
C:\WINDOWS\SYSTEM32\MKEBSVRP.EXE
C:\WINDOWS\SYSTEM32\MLGUWAJY.EXE
C:\WINDOWS\SYSTEM32\MMHXWKLC.EXE
C:\WINDOWS\SYSTEM32\MMNAQSET.EXE
C:\WINDOWS\SYSTEM32\MONFBUFW.EXE
C:\WINDOWS\SYSTEM32\MORAGHRW.EXE
C:\WINDOWS\SYSTEM32\MQXRYFUH.EXE
C:\WINDOWS\SYSTEM32\MRFJYXHJ.EXE
C:\WINDOWS\SYSTEM32\MRSTUMBI.EXE
C:\WINDOWS\SYSTEM32\MXXDNWLE.EXE
C:\WINDOWS\SYSTEM32\NBEETCVI.EXE
C:\WINDOWS\SYSTEM32\NCRFDXGD.EXE
C:\WINDOWS\SYSTEM32\NEBASIRA.EXE
C:\WINDOWS\SYSTEM32\NJTXJGSV.EXE
C:\WINDOWS\SYSTEM32\NJTXVEUP.EXE
C:\WINDOWS\SYSTEM32\NNONVXXF.EXE
C:\WINDOWS\SYSTEM32\NQCVQKFQ.EXE
C:\WINDOWS\SYSTEM32\NTQFARWL.EXE
C:\WINDOWS\SYSTEM32\NVFWKWLY.EXE
C:\WINDOWS\SYSTEM32\OAUUFHPQ.EXE
C:\WINDOWS\SYSTEM32\OBEOOWMX.EXE
C:\WINDOWS\SYSTEM32\OBRIBWCB.EXE
C:\WINDOWS\SYSTEM32\OBWSBCJQ.EXE
C:\WINDOWS\SYSTEM32\OCMXIGRX.EXE
C:\WINDOWS\SYSTEM32\OCTEBKYH.EXE
C:\WINDOWS\SYSTEM32\OCTEGDYB.EXE
C:\WINDOWS\SYSTEM32\OCYFSWVY.EXE
C:\WINDOWS\SYSTEM32\ODLHVMQI.EXE
C:\WINDOWS\SYSTEM32\OJSHCWJJ.EXE
C:\WINDOWS\SYSTEM32\OKRXDNPB.EXE
C:\WINDOWS\SYSTEM32\OLPMCOUF.EXE
C:\WINDOWS\SYSTEM32\OMPCORPH.EXE
C:\WINDOWS\SYSTEM32\ONSDQBNB.EXE
C:\WINDOWS\SYSTEM32\OQKHLPCX.EXE
C:\WINDOWS\SYSTEM32\OQRLWSOE.EXE
C:\WINDOWS\SYSTEM32\OQTLOEWA.EXE
C:\WINDOWS\SYSTEM32\OVPQLYEO.EXE
C:\WINDOWS\SYSTEM32\OWAMVYSE.EXE
C:\WINDOWS\SYSTEM32\OWTAQAXQ.EXE
C:\WINDOWS\SYSTEM32\OXGMTYUC.EXE
C:\WINDOWS\SYSTEM32\PANGQBPN.EXE
C:\WINDOWS\SYSTEM32\PFNGDMDM.EXE
C:\WINDOWS\SYSTEM32\PGXTRTRJ.EXE
C:\WINDOWS\SYSTEM32\PIGAEXND.EXE
C:\WINDOWS\SYSTEM32\PKBXTQDB.EXE
C:\WINDOWS\SYSTEM32\PKMETMGD.EXE
C:\WINDOWS\SYSTEM32\PMUXDKMX.EXE
C:\WINDOWS\SYSTEM32\PRJXFIOX.EXE
C:\WINDOWS\SYSTEM32\PSFVOCQQ.EXE
C:\WINDOWS\SYSTEM32\PTORVXMR.EXE
C:\WINDOWS\SYSTEM32\PUOABXYG.EXE
C:\WINDOWS\SYSTEM32\QAMCFCOT.EXE
C:\WINDOWS\SYSTEM32\QEPHFUYA.EXE
C:\WINDOWS\SYSTEM32\QFJBDEEV.EXE
C:\WINDOWS\SYSTEM32\QHGSQNIN.EXE
C:\WINDOWS\SYSTEM32\QHUMUTJD.EXE
C:\WINDOWS\SYSTEM32\QHWWRHMV.EXE
C:\WINDOWS\SYSTEM32\QIOFSLHR.EXE
C:\WINDOWS\SYSTEM32\QIPQASVB.EXE
C:\WINDOWS\SYSTEM32\QJECLODX.EXE
C:\WINDOWS\SYSTEM32\QKVSMAKA.EXE
C:\WINDOWS\SYSTEM32\QNFDFEMX.EXE
C:\WINDOWS\SYSTEM32\QQVPBXDM.EXE
C:\WINDOWS\SYSTEM32\QQYITVUK.EXE
C:\WINDOWS\SYSTEM32\QRXKPJLK.EXE
C:\WINDOWS\SYSTEM32\QTNRUQBV.EXE
C:\WINDOWS\SYSTEM32\RAVAPEKT.EXE
C:\WINDOWS\SYSTEM32\RBFYWNTQ.EXE
C:\WINDOWS\SYSTEM32\RGKIHRPQ.EXE
C:\WINDOWS\SYSTEM32\RJOSMSLF.EXE
C:\WINDOWS\SYSTEM32\RKRVNPVR.EXE
C:\WINDOWS\SYSTEM32\RRXEKASY.EXE
C:\WINDOWS\SYSTEM32\RTCCPSUS.EXE
C:\WINDOWS\SYSTEM32\RVCQABYW.EXE
C:\WINDOWS\SYSTEM32\RVKLMJTY.EXE
C:\WINDOWS\SYSTEM32\SAXHQXAV.EXE
C:\WINDOWS\SYSTEM32\SNKTFXAL.EXE
C:\WINDOWS\SYSTEM32\SPIVXAJE.EXE
C:\WINDOWS\SYSTEM32\SQFNBDXL.EXE
C:\WINDOWS\SYSTEM32\SRQTRYTI.EXE
C:\WINDOWS\SYSTEM32\STHPJQRI.EXE
C:\WINDOWS\SYSTEM32\SVBTDNUN.EXE
C:\WINDOWS\SYSTEM32\SVNORGSR.EXE
C:\WINDOWS\SYSTEM32\SVWRBWXP.EXE
C:\WINDOWS\SYSTEM32\TAHHHTSU.EXE
C:\WINDOWS\SYSTEM32\TBRPDAAQ.EXE
C:\WINDOWS\SYSTEM32\TTMGPHCH.EXE
C:\WINDOWS\SYSTEM32\TYACTIUS.EXE
C:\WINDOWS\SYSTEM32\TYNLWRMP.EXE
C:\WINDOWS\SYSTEM32\TYNVGTVE.EXE
C:\WINDOWS\SYSTEM32\UALAPBMM.EXE
C:\WINDOWS\SYSTEM32\UBNJQTXI.EXE
C:\WINDOWS\SYSTEM32\UFXABBAC.EXE
C:\WINDOWS\SYSTEM32\UISIORUC.EXE
C:\WINDOWS\SYSTEM32\UIXIHCQO.EXE
C:\WINDOWS\SYSTEM32\ULBFIDWX.EXE
C:\WINDOWS\SYSTEM32\UODPMRDJ.EXE
C:\WINDOWS\SYSTEM32\UOXQXMLS.EXE
C:\WINDOWS\SYSTEM32\USOVGBST.EXE
C:\WINDOWS\SYSTEM32\UTGHOMYQ.EXE
C:\WINDOWS\SYSTEM32\UUIWXUII.EXE
C:\WINDOWS\SYSTEM32\VHXMJVVK.EXE
C:\WINDOWS\SYSTEM32\VIUHGAUC.EXE
C:\WINDOWS\SYSTEM32\VJEDONKL.EXE
C:\WINDOWS\SYSTEM32\VXORMLDI.EXE
C:\WINDOWS\SYSTEM32\WDBURKGX.EXE
C:\WINDOWS\SYSTEM32\WDIWDJTF.EXE
C:\WINDOWS\SYSTEM32\WDTNMTXC.EXE
C:\WINDOWS\SYSTEM32\WEGAXJLW.EXE
C:\WINDOWS\SYSTEM32\WFKHXTBC.EXE
C:\WINDOWS\SYSTEM32\WGKSAFVC.EXE
C:\WINDOWS\SYSTEM32\WGVAHVCM.EXE
C:\WINDOWS\SYSTEM32\WHOBAYWM.EXE
C:\WINDOWS\SYSTEM32\WISPTIBN.EXE
C:\WINDOWS\SYSTEM32\WIWBIRME.EXE
C:\WINDOWS\SYSTEM32\WJFQHLUO.EXE
C:\WINDOWS\SYSTEM32\WLQVBRBH.EXE
C:\WINDOWS\SYSTEM32\WOPIDXCX.EXE
C:\WINDOWS\SYSTEM32\XBRONFCC.EXE
C:\WINDOWS\SYSTEM32\XDLYTWYF.EXE
C:\WINDOWS\SYSTEM32\XFNQJCPV.EXE
C:\WINDOWS\SYSTEM32\XGIHDHAK.EXE
C:\WINDOWS\SYSTEM32\XIGMELIW.EXE
C:\WINDOWS\SYSTEM32\XIKOQPUP.EXE
C:\WINDOWS\SYSTEM32\XJFSCILE.EXE
C:\WINDOWS\SYSTEM32\XKNUYEJM.EXE
C:\WINDOWS\SYSTEM32\XPNUJJJK.EXE
C:\WINDOWS\SYSTEM32\XPOSARNP.EXE
C:\WINDOWS\SYSTEM32\XRYVMRMH.EXE
C:\WINDOWS\SYSTEM32\XSDUDUDY.EXE
C:\WINDOWS\SYSTEM32\XWGPARAE.EXE
C:\WINDOWS\SYSTEM32\YELIECOD.EXE
C:\WINDOWS\SYSTEM32\YFFQHSJX.EXE
C:\WINDOWS\SYSTEM32\YMUAHQMP.EXE
C:\WINDOWS\SYSTEM32\YNSPWYFM.EXE
C:\WINDOWS\SYSTEM32\YOMKWJJW.EXE
C:\WINDOWS\SYSTEM32\YYATNRDJ.EXE
C:\WINDOWS\SYSTEM32\YYSWKMGD.EXE
C:\WINDOWS\Prefetch\AJAFTLUV.EXE-39431F8B.pf
C:\WINDOWS\Prefetch\ETSSXFBN.EXE-071A88E3.pf
C:\WINDOWS\Prefetch\GFCKFDOW.EXE-06012182.pf
C:\WINDOWS\Prefetch\LJTKXFHM.EXE-31395D0D.pf
C:\WINDOWS\Prefetch\NJTXVEUP.EXE-1132D9AA.pf
C:\WINDOWS\Prefetch\OCYFSWVY.EXE-22DC16B0.pf
C:\WINDOWS\Prefetch\QHGSQNIN.EXE-1CF79283.pf
C:\WINDOWS\Prefetch\QQVPBXDM.EXE-1DC801A1.pf
C:\WINDOWS\Prefetch\SVBTDNUN.EXE-3542BFA0.pf

Adware.Vundo-Variant/Small-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122758.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124780.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124782.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124783.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127562.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127702.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128940.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129103.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131127.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131254.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131255.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131336.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131337.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131338.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131424.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134593.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134594.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137627.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137735.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138665.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138786.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138802.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138811.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138823.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138836.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138840.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138843.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138849.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138858.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138901.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138903.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138909.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138918.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138930.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138937.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138942.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138943.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138945.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138949.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138951.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138965.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138966.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138973.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138983.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138992.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138996.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138998.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139000.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139012.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139021.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139022.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139038.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139040.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139044.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139047.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139057.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139058.DLL
C:\WINDOWS\SYSTEM32\IHWKLJJU.DLL
C:\WINDOWS\SYSTEM32\NOAJEGRO.DLL

Trojan.Download-Gen/DSPRPRE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135716.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135725.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135734.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135749.DLL

Trojan.Downloader-Gen/AllowCookie
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135741.EXE

Trojan.Downloader-Gen/TStamp
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135849.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135895.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135926.EXE

Adware.Vundo/Traff-2
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135887.EXE

Trojan.Unclassified/Dropper-B
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137696.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138774.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138799.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138810.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138825.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138867.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138931.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139001.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139020.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139042.DLL

Adware.Vundo-Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138666.DLL

Adware.Vundo-Variant/B
C:\WINDOWS\SYSTEM32\ASFERRO.28

Trojan.WinFixer
C:\WINDOWS\SYSTEM32\DDCCB.DLL

HI

Combofix, Ccleaner & SUPERAntiSpyware have removed a LOT of malware, so I would like to see some new logs please, to see just what is left to remove ...

First ... run a new Combofix scan, same as before & post the new log ...

Second ... please run hijackthis and post the new log ...

Third ... please run a new KASPERSKY ONLINE SCAN & post the log (it will be a lot shorter now)

steam

Hi Steam, here's my Combofix log:

ComboFix 08-03-14.4 - in hong chong 2008-03-18 21:10:23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.239 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000111_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 18:41 . 2008-03-14 22:04 1,366,923 ---hs---- C:\WINDOWS\SYSTEM32\nradiffq.ini
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-13 18:33 . 2008-03-13 18:38 1,346,717 ---hs---- C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 19:12 . 2008-03-13 18:33 1,346,570 ---hs---- C:\WINDOWS\SYSTEM32\dnrfhvki.ini
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-08 21:48 . 2008-03-08 21:48 1,307,561 ---hs---- C:\WINDOWS\SYSTEM32\espobsqd.ini
2008-03-08 20:46 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
2008-03-07 21:47 . 2008-03-08 20:48 1,307,648 ---hs---- C:\WINDOWS\SYSTEM32\eqnvihkd.ini
2008-03-06 21:44 . 2008-03-07 18:10 1,306,737 ---hs---- C:\WINDOWS\SYSTEM32\oawvheed.ini
2008-03-05 21:46 . 2008-03-06 17:39 1,307,452 ---hs---- C:\WINDOWS\SYSTEM32\xoifusud.ini
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-03 19:55 . 2008-03-03 19:55 1,302,442 ---hs---- C:\WINDOWS\SYSTEM32\gnopfhwh.ini
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod
2008-02-20 12:09 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
2008-02-19 15:34 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:57 --------- d-----w C:\Program Files\QuickTime
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-14 21:45 --------- d-----w C:\Program Files\iTunes
2008-03-14 21:45 --------- d-----w C:\Program Files\DellSupport
2008-03-14 21:44 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-14 21:27 94,208 ----a-w C:\WINDOWS\SYSTEM32\igfxtray .exe
2008-03-14 21:27 77,824 ----a-w C:\WINDOWS\SYSTEM32\hkcmd .exe
2008-03-14 21:27 114,688 ----a-w C:\WINDOWS\SYSTEM32\igfxpers .exe
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
2008-03-10 01:10 3,289 ----a-w C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-10 00:04 15,360 ----a-w C:\WINDOWS\SYSTEM32\ctfmon .exe
2008-03-06 00:55 98,048 ----a-w C:\WINDOWS\SYSTEM32\asferro.dll
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
2007-06-09 16:10 1,816,394 --sha-w C:\WINDOWS\Cursors\cdoavg.tmp
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.

<pre>
----a-w 39,792 2008-03-14 21:27:41 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
----a-w 1,388,544 2008-03-14 21:27:20 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
----a-w 159,832 2008-03-14 21:27:21 C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
----a-w 290,816 2008-03-14 21:27:15 C:\Program Files\Dell\Media Experience\PCMService .exe
----a-w 202,544 2008-03-14 21:28:01 C:\Program Files\Dell Support Center\bin\sprtcmd .exe
----a-w 16,384 2008-03-14 21:27:37 C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
----a-w 460,784 2008-03-14 21:27:56 C:\Program Files\DellSupport\DSAgnt .exe
----a-w 49,152 2008-03-14 21:27:36 C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w 267,048 2008-03-14 21:27:44 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 32,881 2008-03-14 21:27:07 C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
----a-w 303,104 2008-03-14 21:27:16 C:\Program Files\McAfee.com\Agent\mcagent .exe
----a-w 212,992 2008-03-14 21:26:42 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-02 04:10:36 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-01 23:19:01 C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w 1,327,104 2008-03-14 21:27:23 C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
----a-w 139,264 2008-03-14 21:27:14 C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
----a-w 180,224 2008-03-14 21:27:18 C:\Program Files\McAfee.com\VSO\mcvsshld .exe
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 385,024 2008-03-10 00:56:47 C:\Program Files\QuickTime\qttask .exe
----a-w 26,112 2008-02-17 22:03:32 C:\Program Files\Real\RealPlayer\RealPlay .exe
----a-w 53,248 2008-03-14 21:27:33 C:\Program Files\SmileyDistrict\plugin .exe
----a-w 15,360 2008-03-10 00:04:21 C:\WINDOWS\SYSTEM32\ctfmon .exe
----a-w 77,824 2008-03-14 21:27:31 C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w 114,688 2008-03-14 21:27:33 C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w 94,208 2008-03-14 21:27:24 C:\WINDOWS\SYSTEM32\igfxtray .exe
</pre>


-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"fresxstyle"="lockbar.exe" []
"MSI Configuration"="msiconf.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"fresxstyle"="lockbar.exe" []
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"0cf5bf5f"="C:\WINDOWS\system32\qffidarn.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"="lockbar.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
awtstuu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]
vtsqo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - SASDIFSV
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 21:14:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-18 21:15:38
ComboFix-quarantined-files.txt 2008-03-19 02:15:04
ComboFix2.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---

Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:55 PM, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [fresxstyle] lockbar.exe
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [0cf5bf5f] rundll32.exe "C:\WINDOWS\system32\qffidarn.dll",b
O4 - HKLM\..\RunServices: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtstuu - awtstuu.dll (file missing)
O20 - Winlogon Notify: vtsqo - vtsqo.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8828 bytes

And here is my Kaspersky log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 18, 2008 10:44:22 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 19/03/2008
Kaspersky Anti-Virus database records: 639642
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 69868
Number of viruses found: 37
Number of infected objects: 583
Number of suspicious objects: 1
Duration of the scan process: 01:15:00

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd001.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-3-18-2008( 20-55-35 ).LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\MSHist012008031820080319\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\QooBox\Quarantine\C\Program Files\PopsMedia Site Adviser\vm5_killer.exe.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvqhdjp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\awtstrr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ayrcckff.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcpmxoqj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfeucled.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfrskukv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bmqhiimk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bxpqckyd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cniwoxwg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\coptscfq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crkuftym.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\daaorewl.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ddcbbab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dfblhsai.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dgheswnk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dhrqaihw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djnykprh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlkbqktx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnfhhqnf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnjayhyq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\lpjcqiax.dat.vir Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dwtkkagy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebejlork.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebhknmid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eewcqufr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eidsocxs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ekhtbdla.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\epgdhegv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eqbrcbfu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\esivfaub.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ewdhmxns.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixf skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fauhumhe.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fneqxbhs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fnmlajpb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jxa skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fqkwfcjt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fvmwutyh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fykatsvb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gdanhidc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gebbbyx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmotpvbj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gspccmeu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gxbeniiq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\havndcbb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hdmjtxmp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hkbvlflj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hnokesms.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hqmxnwoh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hvqiaamn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ideqpfqv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iifcbcy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iwtjlqyl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iybfqbur.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkyuxhvv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jldsntwo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jyfnjgds.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kcfeanty.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kemqkked.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpviwyrb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lcbidetx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lgkrnbqt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpgngthf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lptqwbku.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lxpqdpgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdstnfiv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mljjhgg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mlrdamcn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrorqvca.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrscswqk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mtfbjukg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mwiqvvej.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nkfwcnvs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nktwhnje.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nmyffpid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nnnnmno.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\npjjnhoo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nracbdsg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntgxabbu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nujpiphq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvlrdajn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oamvyfif.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obcjluer.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obmkvhrh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ocdclxag.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odjaqagk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odqidynf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oeeskshl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\onvhkukq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnlkig.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnllij.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnopml.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqehngjb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oyuoumuy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pcwfhqma.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pmurvftk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pvkhuwxo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qmresxwf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qpitrvus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qxgdajup.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rqronnl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvfeehky.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvhajdab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvrmoeha.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvxjuuta.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rwpokqto.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rxahjbxf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ryrrkcgr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\spguythh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srcjhqvo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\stgncecb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sulnevrl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\syyambqf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tinnvdjm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tmojmdqt.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttiiueya.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuvstuv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuyymltd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\txcxecri.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ucudegfx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ufxilfgq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukmkpign.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umeraebp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umjprvyr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umrbowoi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vyaykexw.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wkornwme.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wnxsfmye.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wwkurfjs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xdyjarsm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xjmvtblc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xosixbol.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bce skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xpxbotin.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yayawxw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ypjkxyvg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yqkugabf.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ytyakqts.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yxehochp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixe skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/lpjcqiax.dat Infected: Rootkit.Win32.Agent.aap skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/lpjcqiax.dat.1 Infected: Rootkit.Win32.Agent.aap skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip ZIP: infected - 3 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113908.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113919.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113920.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123758.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135688.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135695.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135721.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135722.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135737.dll Infected: Trojan-Dropper.Win32.Agent.bxm skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135738.dll Infected: Trojan-Dropper.Win32.Agent.bxm skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135747.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135751.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135754.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135767.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135769.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135775.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135778.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135779.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135787.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135796.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135810.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135818.exe Infected: Backdoor.Win32.Pakes skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135826.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135829.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135846.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135847.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135852.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135855.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135861.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135872.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135879.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135881.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135894.exe Infected: Trojan-Downloader.Win32.Agent.bxr skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135900.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135905.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135908.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135913.exe Infected: Trojan-Clicker.Win32.Small.mw skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135917.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135924.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135947.bat Infected: Trojan.BAT.KillProc.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136626.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136627.dll Infected: Trojan-Clicker.Win32.Small.mw skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136651.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136691.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136990.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136993.dll Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136994.dll Infected: not-a-virus:AdWare.Win32.SearchAssistant.k skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136995.dll Infected: not-a-virus:AdWare.Win32.SearchAssistant.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137717.dll Infected: Trojan.Win32.BHO.hj skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138627.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138756.exe Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138762.sys Infected: Trojan.Win32.BHO.gy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138777.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138780.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138782.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138783.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138788.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138793.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138797.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138801.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138806.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138808.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138809.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138812.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138813.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138814.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138816.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138826.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138827.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138828.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138830.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138835.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138837.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138841.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138848.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138852.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138853.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138856.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138859.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138860.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138861.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138866.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138870.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138873.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138875.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138876.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138879.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138880.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138882.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138885.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138886.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138892.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138894.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138904.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138908.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138912.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138914.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138916.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138917.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138921.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138924.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138925.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138926.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138932.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138934.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138936.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138938.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138939.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138940.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138944.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138946.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138947.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138948.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138952.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138953.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138956.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138958.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138959.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138960.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138961.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138976.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138979.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138980.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138989.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138990.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138991.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138993.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138994.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138995.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138999.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139002.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139004.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139007.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139009.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139013.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139014.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139016.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139019.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139023.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139024.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139034.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139043.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139048.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139051.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139053.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139055.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139685.dll Infected: not-a-virus:AdWare.Win32.MyWay.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139686.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139687.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139688.exe Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139689.exe Infected: Virus.Win32.Trats.d skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139690.dll Infected: not-a-virus:AdWare.Win32.BHO.gp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139691.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139696.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139697.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139698.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139699.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139700.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139701.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139702.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139703.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139704.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139705.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139706.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139707.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139708.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139709.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139710.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139711.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139712.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139713.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139714.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139715.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139716.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139717.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139718.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139719.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139720.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139721.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139722.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139723.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139724.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139725.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139726.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139727.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139728.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139729.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139730.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139731.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139732.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139733.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139734.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139735.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139736.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139737.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139738.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139739.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139740.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139741.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139742.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139743.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139744.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139745.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139746.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139747.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139748.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139749.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139750.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139751.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139752.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139753.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139754.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139755.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139756.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139757.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139758.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139759.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139760.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139761.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139762.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139763.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139764.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139765.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139766.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139767.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139768.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139769.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139770.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139771.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139772.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139773.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139774.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139775.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139776.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139777.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139778.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139779.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139780.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139781.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139782.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139783.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139784.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139785.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139786.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139787.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139788.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139789.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139790.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139791.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139792.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139793.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139794.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139795.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139796.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139797.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139798.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139799.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139800.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139801.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139802.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139803.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139804.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139805.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139806.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139807.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139808.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139809.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139810.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139811.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139812.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139813.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139814.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139815.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139816.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139817.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139818.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139819.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139820.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139821.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139822.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139823.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139824.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139825.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139826.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139827.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139828.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139829.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139830.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139831.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139832.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139833.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139834.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139835.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139836.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139837.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139838.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139839.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139840.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139841.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139842.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139843.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139844.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139845.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139846.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139847.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139848.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139849.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139850.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139851.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139852.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139853.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139854.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139855.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139856.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139857.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139858.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139859.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139860.exe Infected: Trojan.Win32.Obfuscated.kp skipped

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139861.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139862.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139863.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139864.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139865.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139866.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139867.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139868.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139869.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139870.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139871.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139872.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139873.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139874.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139875.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139876.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139877.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139878.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139879.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139880.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139881.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139882.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139883.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139884.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139885.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139886.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139887.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139888.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139889.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139890.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139891.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139892.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139893.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139894.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139895.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139896.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139897.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139898.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139899.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139900.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139901.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139902.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139903.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139904.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139905.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139906.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139907.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139908.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139909.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139910.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139911.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139912.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139913.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139914.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139915.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139916.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139917.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139918.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139919.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139920.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139921.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139922.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139923.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139924.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139925.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139926.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139927.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139928.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139929.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139930.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139931.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139932.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139933.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139934.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139935.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139936.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139937.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139938.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139939.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139940.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139941.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139942.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139943.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139944.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139945.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139946.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139947.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139948.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139949.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139950.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139951.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139952.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139953.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139954.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139955.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139956.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139957.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139958.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139959.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139960.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139961.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139962.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139963.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139964.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139965.dll Infected: Trojan-Downloader.Win32.Small.bpk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP165\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\asferro.25 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\asferro.26 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat Infected: Trojan.Win32.Agent.cid skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\ooeeoibc.exe Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Hi

Nearly there...

It may still look like a lot of infected files, but most are now in quarantine ...

Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the code box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)


File::
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\asferro.dll
C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir

RenV::
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
C:\Program Files\Dell\Media Experience\PCMService .exe
C:\Program Files\Dell Support Center\bin\sprtcmd .exe
C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
C:\Program Files\DellSupport\DSAgnt .exe
C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
C:\Program Files\McAfee.com\Agent\mcagent .exe
C:\Program Files\McAfee.com\Agent\mcupdate .exe
C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
C:\Program Files\McAfee.com\VSO\mcvsshld .exe
C:\Program Files\QuickTime\qttask .exe
C:\Program Files\Real\RealPlayer\RealPlay .exe
C:\Program Files\SmileyDistrict\plugin .exe
C:\WINDOWS\SYSTEM32\ctfmon .exe
C:\WINDOWS\SYSTEM32\hkcmd .exe
C:\WINDOWS\SYSTEM32\igfxpers .exe
C:\WINDOWS\SYSTEM32\igfxtray .exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fresxstyle"=-
"MSI Configuration"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fresxstyle"=-
"0cf5bf5f"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"=-



Save this as "CFScript.txt"

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

steam

Hi steam.
Here is my Combofix log:

ComboFix 08-03-14.4 - in hong chong 2008-03-19 18:42:01.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.248 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\in hong chong\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\asferro.dll
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
C:\WINDOWS\SYSTEM32\asferro.dll . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-19 23:41 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-19 23:41 --------- d-----w C:\Program Files\QuickTime
2008-03-19 23:41 --------- d-----w C:\Program Files\iTunes
2008-03-19 23:41 --------- d-----w C:\Program Files\DellSupport
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.

<pre>
----a-w 212,992 2008-03-14 21:26:42 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-01 23:19:01 C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 385,024 2008-03-10 00:56:47 C:\Program Files\QuickTime\qttask .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2008-03-01 23:10 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [2008-03-14 16:27 303104]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-19 18:48:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe
.
**************************************************************************
.
Completion time: 2008-03-19 18:55:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-19 23:55:07
ComboFix2.txt 2008-03-19 02:15:39
ComboFix3.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---


And here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:59:55 PM, on 3/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8675 bytes

Hi

WE have a stubborn one ...

Please try this :-

Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the code box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)


Killall::

File::
C:\WINDOWS\system32\asferro.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]


Save this as "CFScript.txt"

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

THEN ...

1. Download SDFix and save it to your Desktop.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

2. Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

3. Reboot into Safe Mode`:-

Reboot into >>>safe mode (http://www.computerhope.com/issues/chsafe.htm)

4. Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.

It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.

When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.

Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).

Finally paste the contents of the Report.txt back on the forum.

steam

Hi steam.
Here is my Combofix log:
ComboFix 08-03-14.4 - in hong chong 2008-03-20 16:35:06.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.299 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\in hong chong\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\system32\asferro.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\asferro.dll . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-02-20 to 2008-03-20 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-19 23:41 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-19 23:41 --------- d-----w C:\Program Files\QuickTime
2008-03-19 23:41 --------- d-----w C:\Program Files\iTunes
2008-03-19 23:41 --------- d-----w C:\Program Files\DellSupport
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.

<pre>
----a-w 212,992 2008-03-14 21:26:42 C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w 212,992 2008-03-01 23:19:01 C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w 98,304 2008-03-10 00:56:41 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:42 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 98,304 2008-03-10 00:56:44 C:\Program Files\QuickTime\qttask .exe
----a-w 385,024 2008-03-10 00:56:47 C:\Program Files\QuickTime\qttask .exe
</pre>


((((((((((((((((((((((((((((( snapshot@2008-03-19_18.54.37.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-19 23:48:06 16,810 ----a-w C:\WINDOWS\SYSTEM32\tablet.dat
+ 2008-03-20 21:41:01 16,810 ----a-w C:\WINDOWS\SYSTEM32\tablet.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2008-03-01 23:10 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [2008-03-14 16:27 303104]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 16:41:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2008-03-20 16:47:08 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-20 21:47:04
ComboFix2.txt 2008-03-19 23:55:12
ComboFix3.txt 2008-03-19 02:15:39
ComboFix4.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---

Here is my Hijackthislog:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:48:18 PM, on 3/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8475 bytes

And SDFix:
SDFix: Version 1.159

Run by in hong chong on Thu 03/20/2008 at 05:13 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 17:20:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000034
"TracesSuccessful"=dword:00000002

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\WINDOWS\\system32"="C:\\WINDOWS\\system32:*:Enabled:lockx"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"="C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 24 Aug 2004 155,648 A..H. --- "C:\DELL\PRIMOSDK.DLL"
Tue 24 Aug 2004 360,448 A..H. --- "C:\DELL\PX.DLL"
Wed 28 Jul 2004 56,832 A..H. --- "C:\DELL\PXCPYA64.EXE"
Wed 28 Jul 2004 108,544 A..H. --- "C:\DELL\PXCPYI64.EXE"
Wed 18 Aug 2004 389,120 A..H. --- "C:\DELL\PXDRV.DLL"
Mon 2 Aug 2004 20,576 A..H. --- "C:\DELL\PXHELP20.SYS"
Mon 2 Aug 2004 54,976 A..H. --- "C:\DELL\PXHELP64.SYS"
Mon 2 Aug 2004 32,272 A..H. --- "C:\DELL\PXHELPER.SYS"
Mon 2 Aug 2004 26,720 A..H. --- "C:\DELL\PXHLPA64.SYS"
Mon 2 Aug 2004 57,344 A..H. --- "C:\DELL\PXHPINST.EXE"
Mon 2 Aug 2004 53,760 A..H. --- "C:\DELL\PXINSA64.EXE"
Mon 2 Aug 2004 104,960 A..H. --- "C:\DELL\PXINSI64.EXE"
Tue 24 Aug 2004 159,744 A..H. --- "C:\DELL\PXMAS.DLL"
Wed 28 Jul 2004 57,344 A..H. --- "C:\DELL\PXSETUP.EXE"
Tue 24 Aug 2004 339,968 A..H. --- "C:\DELL\PXWAVE.DLL"
Thu 20 May 2004 28,672 A..H. --- "C:\DELL\VXBLOCK.DLL"
Tue 24 Aug 2004 155,648 A..H. --- "C:\DELL\MEDIAEXE\PRIMOSDK.DLL"
Tue 24 Aug 2004 360,448 A..H. --- "C:\DELL\MEDIAEXE\PX.DLL"
Wed 28 Jul 2004 56,832 A..H. --- "C:\DELL\MEDIAEXE\PXCPYA64.EXE"
Wed 28 Jul 2004 108,544 A..H. --- "C:\DELL\MEDIAEXE\PXCPYI64.EXE"
Wed 18 Aug 2004 389,120 A..H. --- "C:\DELL\MEDIAEXE\PXDRV.DLL"
Mon 2 Aug 2004 20,576 A..H. --- "C:\DELL\MEDIAEXE\PXHELP20.SYS"
Mon 2 Aug 2004 54,976 A..H. --- "C:\DELL\MEDIAEXE\PXHELP64.SYS"
Mon 2 Aug 2004 32,272 A..H. --- "C:\DELL\MEDIAEXE\PXHELPER.SYS"
Mon 2 Aug 2004 26,720 A..H. --- "C:\DELL\MEDIAEXE\PXHLPA64.SYS"
Mon 2 Aug 2004 57,344 A..H. --- "C:\DELL\MEDIAEXE\PXHPINST.EXE"
Mon 2 Aug 2004 53,760 A..H. --- "C:\DELL\MEDIAEXE\PXINSA64.EXE"
Mon 2 Aug 2004 104,960 A..H. --- "C:\DELL\MEDIAEXE\PXINSI64.EXE"
Tue 24 Aug 2004 159,744 A..H. --- "C:\DELL\MEDIAEXE\PXMAS.DLL"
Wed 28 Jul 2004 57,344 A..H. --- "C:\DELL\MEDIAEXE\PXSETUP.EXE"
Tue 24 Aug 2004 339,968 A..H. --- "C:\DELL\MEDIAEXE\PXWAVE.DLL"
Thu 20 May 2004 28,672 A..H. --- "C:\DELL\MEDIAEXE\VXBLOCK.DLL"
Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Sat 9 Jun 2007 1,816,394 A.SH. --- "C:\WINDOWS\Cursors\cdoavg.tmp"
Tue 4 Oct 2005 324,367 A.SH. --- "C:\WINDOWS\SYSTEM32\gjkmp.tmp"
Sun 29 Oct 2006 871,079 A.SH. --- "C:\WINDOWS\SYSTEM32\siirvs.tmp"
Fri 17 Aug 2007 296 ..SH. --- "C:\WINDOWS\SYSTEM32\vbsdgayo.tmp"
Tue 29 Nov 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 2 Mar 2008 26,112 ...H. --- "C:\Documents and Settings\in hong chong\My Documents\~WRL0001.tmp"
Sat 4 Mar 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2(2)\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3(2)\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4(2)\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"
Sun 21 Oct 2007 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 21 Oct 2007 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Sun 13 Jan 2008 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sun 13 Jan 2008 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"

Finished!

Hi

Well ...it's still there ... please try this :-

1. Download and unzip Avenger (by Swandog46) to your desktop. > http://swandog46.geekstogo.com/avenger.zip
2. Double click the Avenger.exe file
3. Click OK
4. Select Input script manually
5. Click the Magnifying Glass icon
6. Highlight the text in the code box below, & copy and paste it into the View/edit script box



Files to delete:
C:\WINDOWS\system32\asferro.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

7. Click Done
8. Click the Traffic Light icon to start the program.
9. click Yes to execute the script and click Yes when asked to reboot your computer
10. Post the contents of the file C:\Avenger.txt

After the reboot... run hijackthis & post a new log .....

Don't forget to Post the contents of the file C:\Avenger.txt

steam

Hi steam.
Here's my avenger log:
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: could not open file "C:\WINDOWS\system32\asferro.dll"
Deletion of file "C:\WINDOWS\system32\asferro.dll" failed!
Status: 0xc0000022 (STATUS_ACCESS_DENIED)


Completed script processing.

*******************

Finished! Terminate.

And here's my Hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:25:47 PM, on 3/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8754 bytes

HI

I want you to run some virus scans ...

Go here to run an online scan from ESET.

http://www.eset.eu/online-scanner

Note: You will need to use Internet explorer for this scan

1. Tick the box next to YES, I accept the Terms of Use.
2. Click Start
3. When asked, allow the activex control to install
4. Click Start
5. Make sure that the option Remove found threats and the option Scan unwanted applications is checkmarked.
6. Click Scan
7. Wait for the scan to finish
8. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
9. Copy and paste the log into your next reply

THEN ...

Perform an online scan with Internet Explorer with
http://www.pandasoftware.com/products/activescan.htm
Panda ActiveScan Click on scanyourpc located at the bottom of the page. A pop up window will appear. Please ensure that your pop up blocker doesn't block it Enter your e-mail address, country, and state & click Free Online Scan *The download of the 8 MB Panda's ActiveX control will take place*Begin the scan by selecting mycomputer If it finds any malware, it will offer you a report. Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later. Click on see report then click save report

Turn off the real time scanner of any existing antivirus program while performing the online scan.

Please post the Panda log scan.

THEN ...

Please run this on-line scan :-

http://www.bitdefender.com/scan8/ie.html

Scan the whole computer & let it Disinfect/delete all it finds ...

copy & paste here its report here please.

steam

Hi steam.
Here's the ESETlog:
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2967 (20080321)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=fe891a1f009d024286f8a85cb38d5604
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2008-03-22 10:02:04
# local_time=2008-03-22 05:02:04 (-0600, Central Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=218405
# found=140
# scan_time=3651
C:\Program Files\AIM\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application (deleted) 00000000000000000000000000000000
C:\Program Files\AIM\Sysfiles\WxBug.EXE »WISE »MiniBugTransporter.dll Win32/Adware.WBug.A application (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip Win32/Agent.NQA trojan (deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip »ZIP »lpjcqiax.dat Win32/Agent.NQA trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\PopsMedia Site Adviser\vm5_killer.exe.vir probably a variant of Win32/BHO trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvqhdjp.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\asferro.25.vir probably a variant of Win32/Adware.BHO.NBI application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\asferro.26.vir probably a variant of Win32/Adware.BHO.NBI application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\awtstrr.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ayrcckff.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcpmxoqj.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfeucled.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfrskukv.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bmqhiimk.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bxpqckyd.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cniwoxwg.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\coptscfq.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crkuftym.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\daaorewl.dll.vir Win32/BHO.G trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ddcbbab.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dfblhsai.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dgheswnk.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dhrqaihw.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djnykprh.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlkbqktx.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnjayhyq.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dwtkkagy.dll.vir Win32/BHO.NCC trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebejlork.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebhknmid.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eewcqufr.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eidsocxs.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ekhtbdla.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\epgdhegv.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eqbrcbfu.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\esivfaub.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ewdhmxns.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fauhumhe.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fneqxbhs.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fojjcplc.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fqkwfcjt.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fvmwutyh.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fykatsvb.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gdanhidc.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gebbbyx.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmotpvbj.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gspccmeu.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\havndcbb.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hdmjtxmp.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hkbvlflj.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hnokesms.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hqmxnwoh.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hvqiaamn.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iifcbcy.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iwtjlqyl.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iybfqbur.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkhhf_exe.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkyuxhvv.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jldsntwo.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kcfeanty.dll.vir Win32/BHO.NCC trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kemqkked.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpviwyrb.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lcbidetx.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lgkrnbqt.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpgngthf.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lptqwbku.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lxpqdpgd.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdstnfiv.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mljjhgg.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mlrdamcn.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrscswqk.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mtfbjukg.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mwiqvvej.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nkfwcnvs.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nmyffpid.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nnnnmno.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\npjjnhoo.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nracbdsg.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntgxabbu.dll.vir Win32/BHO.NCC trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvlrdajn.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oamvyfif.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obcjluer.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obmkvhrh.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odjaqagk.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odqidynf.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oeeskshl.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\onvhkukq.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ooeeoibc.exe.vir probably a variant of Win32/BHO trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnlkig.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnllij.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnopml.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqehngjb.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oyuoumuy.dll.vir Win32/BHO.NCC trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pcwfhqma.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pmurvftk.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pvkhuwxo.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qmresxwf.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qpitrvus.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qxgdajup.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX48_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX4B_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX55_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX61_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX6B_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX7E_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\RCX84_tmp.vir.vir Win32/TrojanDropper.Agent.DGO virus (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rqronnl.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvfeehky.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvhajdab.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvrmoeha.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvxjuuta.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rwpokqto.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rxahjbxf.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ryrrkcgr.dll.vir Win32/BHO.NCC trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\spguythh.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srcjhqvo.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\stgncecb.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sulnevrl.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\syyambqf.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tinnvdjm.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tmojmdqt.dll.vir Win32/BHO.G trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuvstuv.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuyymltd.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\txcxecri.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ucudegfx.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ufxilfgq.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukmkpign.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umeraebp.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umjprvyr.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umrbowoi.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vyaykexw.dll.vir Win32/Adware.BHO.V application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wnxsfmye.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wwkurfjs.dll.vir Win32/Adware.AdMedia application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xdyjarsm.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xjmvtblc.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xpxbotin.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yayawxw.dll.vir probably a variant of Win32/Adware.Agent application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ypjkxyvg.dll.vir Win32/Adware.Virtumonde application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yqkugabf.dll.vir Win32/BHO.G trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat.vir Win32/Agent.NMY trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\WINDOWS\SYSTEM32\fjhrmpfd.dll probably a variant of Win32/TrojanProxy.Agent.JZ trojan (unable to clean - deleted) 00000000000000000000000000000000

Here's the Pandalog:

Incident Status Location

Spyware:spyware/virtumonde Not disinfected Windows Registry
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\in hong chong\Application Data\Mozilla\Firefox\Profiles\7gif3ig9.default\cookies.txt[.serving-sys.com/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\in hong chong\Desktop\SDFix.exe[SDFix\apps\Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix\restart.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Common Files\AOL\1135963495\ee\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Program Files\Common Files\AOL\1135963495\ee\SmitfraudFix\restart.exe
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir
Spyware:Spyware/Virtumonde Not disinfected

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttiiueya.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wkornwme.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xosixbol.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ytyakqts.dll.vir
Spyware:Spyware/Virtumonde Not disinfected C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yxehochp.dll.vir
Potentially unwanted tool:Application/Processor Not disinfected C:\SDFix\apps\Process.exe
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.10
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.11
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.12
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.13
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.14
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.15
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.16
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.17
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.18
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.19
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.20
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.21
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.22
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.23
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.24
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.3
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.4
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.5
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.6
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.7
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.8
Possible Virus. Not disinfected C:\WINDOWS\SYSTEM32\asferro.9
Adware:Adware/SaveNow Not disinfected C:\WINDOWS\SYSTEM32\docad.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\SYSTEM32\Process.exe


And here's the bitdefender log, I couldn't save it as .txt in notepad and had to save it as .html, so I copied and pasted it into notepad:
Time 01:07:50

Files 242989

Folders 7903

Boot Sectors 4

Archives 9768

Packed Files 13623


Results

Identified Viruses 52

Infected Files 578

Suspect Files 0

Warnings 0

Disinfected 1

Deleted Files 577


Engines Info

Virus Definitions 1021784

Engine build


AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

Scan plugins 16

Archive plugins 41

Unpack plugins 7

E-mail plugins 6

System plugins 5


Scan Settings

First Action Disinfect

Second Action Delete

Heuristics Yes

Enable Warnings Yes

Scanned Extensions *;

Exclude Extensions

Scan Emails Yes

Scan Archives Yes

Scan Packed Yes

Scan Files Yes

Scan Boot Yes


Scanned File


Status

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir

Infected with: Trojan.Vundo.EBG

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir

Infected with: Trojan.Vundo.DZK

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnfhhqnf.dll.vir

Infected with: Trojan.Vundo.EEJ

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnfhhqnf.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir

Infected with: Trojan.Vundo.DZC

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fnmlajpb.dll.vir

Infected with: Trojan.Vundo.EEJ

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fnmlajpb.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gxbeniiq.dll.vir

Infected with: Trojan.Vundo.EDA

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gxbeniiq.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ideqpfqv.dll.vir

Infected with: Trojan.Vundo.EEH

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ideqpfqv.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jyfnjgds.dll.vir

Infected with: Trojan.Vundo.EBU

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jyfnjgds.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir

Infected with: Trojan.Vundo.EAO

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir

Infected with: Trojan.Vundo.EBG

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrorqvca.dll.vir

Infected with: Trojan.Vundo.EEA

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrorqvca.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nktwhnje.dll.vir

Infected with: Trojan.Vundo.ECX

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nktwhnje.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nujpiphq.dll.vir

Infected with: Trojan.Vundo.EEH

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nujpiphq.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ocdclxag.dll.vir

Infected with: Trojan.Vundo.EBG

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ocdclxag.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir

Infected with: Trojan.Vundo.EAI

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttiiueya.dll.vir

Infected with: Trojan.Vundo.EBG

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttiiueya.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wkornwme.dll.vir

Infected with: Trojan.Vundo.DZK

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wkornwme.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xosixbol.dll.vir

Infected with: Trojan.Vundo.EAP

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xosixbol.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ytyakqts.dll.vir

Infected with: Trojan.Vundo.DZK

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ytyakqts.dll.vir

Deleted

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yxehochp.dll.vir

Infected with: Trojan.Vundo.DZN

C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yxehochp.dll.vir

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113908.dll

Infected with: Trojan.BHO.BP

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113908.dll

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113919.dll

Infected with: Trojan.Downloader.Conhook.L

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113919.dll

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113920.dll

Infected with: DeepScan:Generic.Virtumonde.2.3B1D42DE

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113920.dll

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113920.dll

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP150\A0120375.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP150\A0120375.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP150\A0120375.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120437.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120437.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120437.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120496.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120496.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120496.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120518.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120518.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120518.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120544.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120544.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120544.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120638.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120638.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120638.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120732.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120732.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120732.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120751.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120751.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120751.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120752.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120752.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120752.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120826.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120826.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120826.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120851.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120851.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120851.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120925.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120925.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120925.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120954.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120954.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120954.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121040.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121040.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121040.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121159.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121159.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121159.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121372.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121372.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121372.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121464.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121464.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121464.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121465.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121465.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121465.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121466.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121466.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121466.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121548.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121548.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121548.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121560.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121560.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121560.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121653.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121653.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121653.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121676.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121676.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121676.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121679.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121679.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121679.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122639.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122639.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122639.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122667.ini

Infected with: Trojan.Vundo.DVS

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122667.ini

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122667.ini

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122683.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122683.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122683.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122684.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122684.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122684.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122685.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122685.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122685.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122762.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122762.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122762.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123758.dll

Infected with: Trojan.Vundo.Gen.2

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123758.dll

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123758.dll

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123802.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123802.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123802.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124789.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124789.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124789.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125926.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125926.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125926.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125928.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125928.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP157\A0125928.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0126179.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0126179.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0126179.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127199.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127199.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127199.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127201.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127201.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127201.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127310.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127310.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127310.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127312.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127312.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127312.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127382.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127382.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127382.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127383.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127383.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127383.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127385.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127385.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127385.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127386.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127386.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127386.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127603.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127603.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127603.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127604.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127604.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127604.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127605.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127605.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127605.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127606.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127606.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127606.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127607.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127607.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127607.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127615.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127615.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127615.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127738.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127738.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127738.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127739.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127739.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127739.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127740.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127740.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127740.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127841.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127841.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127841.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127947.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127947.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127947.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127948.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127948.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127948.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127949.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127949.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127949.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127951.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127951.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127951.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127958.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127958.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127958.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129018.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129018.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129018.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130155.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130155.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130155.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130156.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130156.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130156.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130157.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130157.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130157.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130158.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130158.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130158.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130159.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130159.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130159.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130161.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130161.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130161.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130256.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130256.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130256.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130257.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130257.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130257.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131154.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131154.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131154.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131263.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131263.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131263.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131267.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131267.exe

Disinfection failed

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131267.exe

Deleted

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131346.exe

Detected with: Application.Powerreg.Scheduler.C

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131346.exe

Disinfection failed