Hijackthis Report

**cavee** · 2008-03-18, 03:11

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132546.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132547.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132548.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132551.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132585.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132593.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132594.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132596.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132650.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133582.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134601.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134624.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134673.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135595.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135616.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135638.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135644.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135656.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135664.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135665.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135696.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135700.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135701.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135702.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135703.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135704.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135705.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135706.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135780.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136991.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136998.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136999.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137000.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137654.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137659.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137661.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137700.exe

**cavee** · 2008-03-18, 03:12

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137701.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137702.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137703.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137704.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137716.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137721.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137722.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137725.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137727.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137728.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137729.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137730.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137732.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137733.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138632.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138638.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138646.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138678.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138679.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138681.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138692.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138693.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138696.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138750.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138751.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138752.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138755.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139184.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139185.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139186.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139187.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139188.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139189.EXE

Trojan.Downloader-SpyTool
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ACSQSWEX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AJINAYEY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AQVTJXWA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYGYWTHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCXNFSC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ENCEHYLX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JATKCPVM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JPJUNXOU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MRBANTAU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ODHFHKSJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TXQTWUVT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WBGHYHNI.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138769.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138772.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138776.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138778.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138833.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138834.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138887.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138897.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138929.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138950.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139017.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139035.DLL

Trojan.Downloader-CREW
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEPWLKBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEYMFDXC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\APQHTUDT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYMYDQUR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BBWLIDJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BHOTIGGF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BJDOUVUC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BTCXTEWP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BVTYJOWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFELXTRS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFPKYYDB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CGFRYFKQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNXHSCRY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CQQEVDNM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CWRHGMTR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CXLPKHGP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CYSHLDWU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNIUGREU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNSLCHWB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPCTQYXQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPTQNCRJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DQGKCIOC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DTWQEPII.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DYYVNPAW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EJUJGQMC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ELLTTSWY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCNNXOS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EVONDEVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FBAQRIXJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHSJKLVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHWEPGLV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FILGUPRL.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FODWCMJN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FXNTHWST.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FYFIRBVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GCWQQVYP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GTUYYLWJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBLHGFCA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBRQCJNV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HFITGQWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HIWMLNJO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HRQHBWVS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HTTXPWNB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IQVBSBCE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JCILJEKF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JDSGKRPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JKNJWXAS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JMTSNHYR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JNNHSNDN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JTGNRWYH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JUKDYEJG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JVDUOAYW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KANXIVVQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KMDYRWEO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KRQOQLEG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LCCFIGXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LORDEQBP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LSPSHWPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LUSAMOSN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBBJLYBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBEWTACA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MPFAKMDE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MVCXKWSU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NFHFTULO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NPNNQGGA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OLLVOUWO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OMCKTEVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OUHERYEB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OVMRLFTQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PCYWXMEH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PIVGNWWF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PLUSFTJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMRKQOBS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMUXJWTY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PUVEVYVC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QLIBIDNS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QSXBARKG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RDEBJTYU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RNHKGWGM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SIVPWLFD.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SWYMCDXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TBKXTSQJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TEDIOULN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TKBEXYDH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TOMCOTEJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TTFKAOGE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TVJEQGPQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TYRKSHDA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOFSXOID.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOKTGIER.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UWQPDKSW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VAOKRTXA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VCIPBIOV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VGLKXKRA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VMEULKHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VOBJIUPG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WRADTLDI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XKYWANFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XNCQFAWX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XSVOQENV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YPUSFRGW.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138770.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138771.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138779.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138781.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138785.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138787.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138791.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138792.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138794.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138795.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138796.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138798.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138800.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138803.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138804.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138805.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138815.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138817.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138818.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138819.DLL

**cavee** · 2008-03-18, 03:13

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138820.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138822.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138824.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138829.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138831.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138832.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138839.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138842.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138844.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138845.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138846.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138850.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138854.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138855.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138857.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138862.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138868.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138869.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138871.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138872.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138877.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138878.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138884.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138888.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138890.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138891.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138895.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138896.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138898.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138899.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138900.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138902.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138907.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138910.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138913.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138915.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138919.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138920.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138922.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138923.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138927.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138933.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138935.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138941.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138954.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138955.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138963.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138964.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138967.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138970.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138971.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138972.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138974.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138975.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138978.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138981.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138984.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138987.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138997.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139003.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139005.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139006.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139008.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139010.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139011.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139015.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139018.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139025.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139026.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139029.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139030.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139031.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139032.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139033.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139041.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139045.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139046.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139049.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139054.DLL
C:\WINDOWS\SYSTEM32\KCAAMNGA.DLL
C:\WINDOWS\SYSTEM32\NBUTFNDQ.DLL
C:\WINDOWS\SYSTEM32\NELWIIPD.DLL
C:\WINDOWS\SYSTEM32\OQFMNLXA.DLL
C:\WINDOWS\SYSTEM32\RGCUHIPU.DLL
C:\WINDOWS\SYSTEM32\ULHFXUAD.DLL

Trojan.Unknown Origin
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AMSTREA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ATL7.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\C.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CMPROP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNVFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DX3.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138763.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138764.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138765.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138766.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138767.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138768.DLL

Trojan.Download-Gen/N_BHO
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP131\A0108028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114056.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114083.DLL

Trojan.Downloader-Gen/LIB
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113904.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113905.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113907.DLL

Trojan.Unclassified-Packed/Suspicious
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114393.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114801.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129095.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131538.DLL

Adware.eZula
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP136\A0115356.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135707.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135710.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135711.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135712.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135713.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135714.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135715.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135717.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135727.EXE

**cavee** · 2008-03-18, 03:14

C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135728.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135729.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135730.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135731.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135732.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135733.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135735.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135736.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135739.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135740.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135742.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135743.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135744.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135745.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135746.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135748.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135750.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135752.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135753.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135755.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135756.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135757.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135758.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135759.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135760.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135761.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135762.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135763.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135764.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135765.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135766.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135770.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135771.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135772.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135773.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135774.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135776.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135777.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135781.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135782.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135783.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135785.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135786.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135788.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135789.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135790.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135791.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135793.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135794.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135797.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135798.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135799.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135800.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135801.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135802.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135803.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135806.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135807.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135809.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135811.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135812.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135813.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135814.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135815.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135816.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135817.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135819.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135820.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135821.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135822.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135823.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135824.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135825.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135827.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135828.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135831.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135832.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135833.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135834.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135835.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135836.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135837.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135838.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135839.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135840.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135841.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135842.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135844.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135845.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135848.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135850.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135851.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135853.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135854.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135856.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135857.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135858.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135859.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135860.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135862.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135863.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135864.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135865.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135866.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135867.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135868.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135869.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135870.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135871.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135873.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135874.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135875.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135876.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135877.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135878.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135880.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135882.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135883.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135884.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135885.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135886.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135888.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135889.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135890.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135891.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135892.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135893.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135896.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135897.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135898.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135899.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135901.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135902.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135903.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135904.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135906.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135907.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135909.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135910.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135911.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135912.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135914.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135915.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135916.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135918.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135919.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135920.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135921.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135922.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135923.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135925.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135927.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135928.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135929.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135930.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135931.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135932.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135933.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135934.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135935.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135936.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135937.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135938.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135939.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135940.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135941.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135942.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135943.exe

**cavee** · 2008-03-18, 03:15

C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135944.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135945.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135946.EXE
C:\WINDOWS\SYSTEM32\CSKFMMOD.EXE
C:\WINDOWS\SYSTEM32\TOQMVAPJ.EXE

Adware.WhenU
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP149\A0119985.EXE

Trojan.Downloader-Gen/HardFall
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120430.DLL

Trojan.Downloader-Gen/DDC
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120484.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120497.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120519.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120545.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120640.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120825.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120927.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121039.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121143.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121239.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121343.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121373.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121547.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121652.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122666.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122842.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123767.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123786.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127175.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127300.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127568.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127585.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127829.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127925.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128029.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128947.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128967.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128985.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129003.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130140.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131135.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131214.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132458.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132584.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133581.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137715.EXE
C:\WINDOWS\SYSTEM32\ABOPKXNN.EXE
C:\WINDOWS\SYSTEM32\ABRMUKXQ.EXE
C:\WINDOWS\SYSTEM32\ADNEYROS.EXE
C:\WINDOWS\SYSTEM32\AICUUPCL.EXE
C:\WINDOWS\SYSTEM32\AJAFTLUV.EXE
C:\WINDOWS\SYSTEM32\AJQKHTNJ.EXE
C:\WINDOWS\SYSTEM32\ASQNYAXS.EXE
C:\WINDOWS\SYSTEM32\AUPQYFOX.EXE
C:\WINDOWS\SYSTEM32\AXUSURMA.EXE
C:\WINDOWS\SYSTEM32\BELYHISU.EXE
C:\WINDOWS\SYSTEM32\BODFUBGB.EXE
C:\WINDOWS\SYSTEM32\BUTYSGYW.EXE
C:\WINDOWS\SYSTEM32\BXVXBQLT.EXE
C:\WINDOWS\SYSTEM32\CAADWCLU.EXE
C:\WINDOWS\SYSTEM32\CBDLHXKQ.EXE
C:\WINDOWS\SYSTEM32\CGNFGLUO.EXE
C:\WINDOWS\SYSTEM32\CHHJGKLX.EXE
C:\WINDOWS\SYSTEM32\CHPRIHUS.EXE
C:\WINDOWS\SYSTEM32\CHWMTECM.EXE
C:\WINDOWS\SYSTEM32\CIOFSJXK.EXE
C:\WINDOWS\SYSTEM32\CIVTYLOH.EXE
C:\WINDOWS\SYSTEM32\CLFMBVIH.EXE
C:\WINDOWS\SYSTEM32\CMLRRDIO.EXE
C:\WINDOWS\SYSTEM32\CNUXFJFU.EXE
C:\WINDOWS\SYSTEM32\CPUWBVLS.EXE
C:\WINDOWS\SYSTEM32\CQFGVHHS.EXE
C:\WINDOWS\SYSTEM32\CSKOCLBQ.EXE
C:\WINDOWS\SYSTEM32\CSKSNKPO.EXE
C:\WINDOWS\SYSTEM32\CVCFGYXC.EXE
C:\WINDOWS\SYSTEM32\CVWVUKWI.EXE
C:\WINDOWS\SYSTEM32\CXOKBMHQ.EXE
C:\WINDOWS\SYSTEM32\DHLNWHWB.EXE
C:\WINDOWS\SYSTEM32\DIHQVAMA.EXE
C:\WINDOWS\SYSTEM32\DLYNUCSM.EXE
C:\WINDOWS\SYSTEM32\DOQETALD.EXE
C:\WINDOWS\SYSTEM32\DPCJHGKL.EXE
C:\WINDOWS\SYSTEM32\DPLILKAI.EXE
C:\WINDOWS\SYSTEM32\DSDJXBTU.EXE
C:\WINDOWS\SYSTEM32\DTMGKLDT.EXE
C:\WINDOWS\SYSTEM32\DTWQTQXX.EXE
C:\WINDOWS\SYSTEM32\DUKOIDVG.EXE
C:\WINDOWS\SYSTEM32\DVLYDUDR.EXE
C:\WINDOWS\SYSTEM32\DXPORYOE.EXE
C:\WINDOWS\SYSTEM32\DYPYLIRP.EXE
C:\WINDOWS\SYSTEM32\EAQCGYOO.EXE
C:\WINDOWS\SYSTEM32\ECPBSKLW.EXE
C:\WINDOWS\SYSTEM32\EDKGSODR.EXE
C:\WINDOWS\SYSTEM32\EFMAGKXX.EXE
C:\WINDOWS\SYSTEM32\EFNVEAIX.EXE
C:\WINDOWS\SYSTEM32\EFUPAJQN.EXE
C:\WINDOWS\SYSTEM32\EIVPLOVL.EXE
C:\WINDOWS\SYSTEM32\ETJWCTDE.EXE
C:\WINDOWS\SYSTEM32\ETSSXFBN.EXE
C:\WINDOWS\SYSTEM32\EVEODDHJ.EXE
C:\WINDOWS\SYSTEM32\EXKOEBKK.EXE
C:\WINDOWS\SYSTEM32\EYVBHFYX.EXE
C:\WINDOWS\SYSTEM32\FAWUXLKC.EXE
C:\WINDOWS\SYSTEM32\FDMIYBCR.EXE
C:\WINDOWS\SYSTEM32\FITPMATB.EXE
C:\WINDOWS\SYSTEM32\FLEHWQMP.EXE
C:\WINDOWS\SYSTEM32\FNWISJYI.EXE
C:\WINDOWS\SYSTEM32\FTELINOP.EXE
C:\WINDOWS\SYSTEM32\FTIUDBXJ.EXE
C:\WINDOWS\SYSTEM32\GFCKFDOW.EXE
C:\WINDOWS\SYSTEM32\GFDECLTK.EXE
C:\WINDOWS\SYSTEM32\GFRQBMIW.EXE
C:\WINDOWS\SYSTEM32\GHXBJDYT.EXE
C:\WINDOWS\SYSTEM32\GJFFCFET.EXE
C:\WINDOWS\SYSTEM32\GJYJQHID.EXE
C:\WINDOWS\SYSTEM32\GOMDNEFD.EXE
C:\WINDOWS\SYSTEM32\GTIQWSEF.EXE
C:\WINDOWS\SYSTEM32\GUVASNDS.EXE
C:\WINDOWS\SYSTEM32\GUVTNWIN.EXE
C:\WINDOWS\SYSTEM32\GVQNEDOO.EXE
C:\WINDOWS\SYSTEM32\HDXTFJDY.EXE
C:\WINDOWS\SYSTEM32\HEETIFVW.EXE
C:\WINDOWS\SYSTEM32\HFETVTWF.EXE
C:\WINDOWS\SYSTEM32\HFRVYKSC.EXE
C:\WINDOWS\SYSTEM32\HFSGDSHB.EXE
C:\WINDOWS\SYSTEM32\HHVXTUKU.EXE
C:\WINDOWS\SYSTEM32\HIOAXNVO.EXE
C:\WINDOWS\SYSTEM32\HKLPBYGN.EXE
C:\WINDOWS\SYSTEM32\HLERJSYX.EXE
C:\WINDOWS\SYSTEM32\HOERRTEC.EXE
C:\WINDOWS\SYSTEM32\HPIBDNPI.EXE
C:\WINDOWS\SYSTEM32\HSFGUMCC.EXE
C:\WINDOWS\SYSTEM32\HTJNNCPQ.EXE
C:\WINDOWS\SYSTEM32\HTKHAHMR.EXE
C:\WINDOWS\SYSTEM32\HTUJEFMN.EXE
C:\WINDOWS\SYSTEM32\IFAIUORN.EXE
C:\WINDOWS\SYSTEM32\IGBMVWHH.EXE
C:\WINDOWS\SYSTEM32\IHCYNRWG.EXE
C:\WINDOWS\SYSTEM32\IHOHYFUC.EXE
C:\WINDOWS\SYSTEM32\IKCOWHKA.EXE
C:\WINDOWS\SYSTEM32\ILBXNTWP.EXE
C:\WINDOWS\SYSTEM32\INBBODRF.EXE
C:\WINDOWS\SYSTEM32\INJUNTFM.EXE
C:\WINDOWS\SYSTEM32\IODBUCUI.EXE
C:\WINDOWS\SYSTEM32\IRHCKNRM.EXE
C:\WINDOWS\SYSTEM32\IVIJCKKV.EXE
C:\WINDOWS\SYSTEM32\JFTRFCQD.EXE
C:\WINDOWS\SYSTEM32\JHFNVIQU.EXE
C:\WINDOWS\SYSTEM32\JIBGVBER.EXE
C:\WINDOWS\SYSTEM32\JKQJUQKC.EXE
C:\WINDOWS\SYSTEM32\JQNIUBCS.EXE
C:\WINDOWS\SYSTEM32\JSCYLVJK.EXE
C:\WINDOWS\SYSTEM32\JTTGMHAH.EXE
C:\WINDOWS\SYSTEM32\JWJEERXD.EXE
C:\WINDOWS\SYSTEM32\JYEULJMF.EXE
C:\WINDOWS\SYSTEM32\KGPYAVGW.EXE
C:\WINDOWS\SYSTEM32\KMGUVNSE.EXE
C:\WINDOWS\SYSTEM32\KSLLYBPE.EXE
C:\WINDOWS\SYSTEM32\KTEGFYCP.EXE
C:\WINDOWS\SYSTEM32\KUFNQQUD.EXE
C:\WINDOWS\SYSTEM32\LBCIDWTH.EXE
C:\WINDOWS\SYSTEM32\LENIXRCG.EXE
C:\WINDOWS\SYSTEM32\LJTKXFHM.EXE
C:\WINDOWS\SYSTEM32\LNQDXGDF.EXE
C:\WINDOWS\SYSTEM32\LPLEOBUJ.EXE
C:\WINDOWS\SYSTEM32\LPNSYBRT.EXE
C:\WINDOWS\SYSTEM32\LQQBMVUL.EXE
C:\WINDOWS\SYSTEM32\LRAVHFCH.EXE
C:\WINDOWS\SYSTEM32\LSYIHBOI.EXE
C:\WINDOWS\SYSTEM32\LWNOUNVE.EXE
C:\WINDOWS\SYSTEM32\LXNBOQLD.EXE
C:\WINDOWS\SYSTEM32\MHVIUPFA.EXE
C:\WINDOWS\SYSTEM32\MJDYESHR.EXE
C:\WINDOWS\SYSTEM32\MKEBSVRP.EXE
C:\WINDOWS\SYSTEM32\MLGUWAJY.EXE
C:\WINDOWS\SYSTEM32\MMHXWKLC.EXE
C:\WINDOWS\SYSTEM32\MMNAQSET.EXE
C:\WINDOWS\SYSTEM32\MONFBUFW.EXE
C:\WINDOWS\SYSTEM32\MORAGHRW.EXE
C:\WINDOWS\SYSTEM32\MQXRYFUH.EXE
C:\WINDOWS\SYSTEM32\MRFJYXHJ.EXE
C:\WINDOWS\SYSTEM32\MRSTUMBI.EXE
C:\WINDOWS\SYSTEM32\MXXDNWLE.EXE
C:\WINDOWS\SYSTEM32\NBEETCVI.EXE
C:\WINDOWS\SYSTEM32\NCRFDXGD.EXE
C:\WINDOWS\SYSTEM32\NEBASIRA.EXE
C:\WINDOWS\SYSTEM32\NJTXJGSV.EXE
C:\WINDOWS\SYSTEM32\NJTXVEUP.EXE
C:\WINDOWS\SYSTEM32\NNONVXXF.EXE
C:\WINDOWS\SYSTEM32\NQCVQKFQ.EXE
C:\WINDOWS\SYSTEM32\NTQFARWL.EXE
C:\WINDOWS\SYSTEM32\NVFWKWLY.EXE
C:\WINDOWS\SYSTEM32\OAUUFHPQ.EXE
C:\WINDOWS\SYSTEM32\OBEOOWMX.EXE
C:\WINDOWS\SYSTEM32\OBRIBWCB.EXE
C:\WINDOWS\SYSTEM32\OBWSBCJQ.EXE
C:\WINDOWS\SYSTEM32\OCMXIGRX.EXE
C:\WINDOWS\SYSTEM32\OCTEBKYH.EXE
C:\WINDOWS\SYSTEM32\OCTEGDYB.EXE
C:\WINDOWS\SYSTEM32\OCYFSWVY.EXE
C:\WINDOWS\SYSTEM32\ODLHVMQI.EXE
C:\WINDOWS\SYSTEM32\OJSHCWJJ.EXE
C:\WINDOWS\SYSTEM32\OKRXDNPB.EXE
C:\WINDOWS\SYSTEM32\OLPMCOUF.EXE
C:\WINDOWS\SYSTEM32\OMPCORPH.EXE
C:\WINDOWS\SYSTEM32\ONSDQBNB.EXE
C:\WINDOWS\SYSTEM32\OQKHLPCX.EXE
C:\WINDOWS\SYSTEM32\OQRLWSOE.EXE
C:\WINDOWS\SYSTEM32\OQTLOEWA.EXE
C:\WINDOWS\SYSTEM32\OVPQLYEO.EXE
C:\WINDOWS\SYSTEM32\OWAMVYSE.EXE
C:\WINDOWS\SYSTEM32\OWTAQAXQ.EXE
C:\WINDOWS\SYSTEM32\OXGMTYUC.EXE
C:\WINDOWS\SYSTEM32\PANGQBPN.EXE
C:\WINDOWS\SYSTEM32\PFNGDMDM.EXE
C:\WINDOWS\SYSTEM32\PGXTRTRJ.EXE
C:\WINDOWS\SYSTEM32\PIGAEXND.EXE
C:\WINDOWS\SYSTEM32\PKBXTQDB.EXE
C:\WINDOWS\SYSTEM32\PKMETMGD.EXE
C:\WINDOWS\SYSTEM32\PMUXDKMX.EXE
C:\WINDOWS\SYSTEM32\PRJXFIOX.EXE
C:\WINDOWS\SYSTEM32\PSFVOCQQ.EXE
C:\WINDOWS\SYSTEM32\PTORVXMR.EXE
C:\WINDOWS\SYSTEM32\PUOABXYG.EXE
C:\WINDOWS\SYSTEM32\QAMCFCOT.EXE
C:\WINDOWS\SYSTEM32\QEPHFUYA.EXE
C:\WINDOWS\SYSTEM32\QFJBDEEV.EXE
C:\WINDOWS\SYSTEM32\QHGSQNIN.EXE
C:\WINDOWS\SYSTEM32\QHUMUTJD.EXE
C:\WINDOWS\SYSTEM32\QHWWRHMV.EXE
C:\WINDOWS\SYSTEM32\QIOFSLHR.EXE
C:\WINDOWS\SYSTEM32\QIPQASVB.EXE
C:\WINDOWS\SYSTEM32\QJECLODX.EXE
C:\WINDOWS\SYSTEM32\QKVSMAKA.EXE
C:\WINDOWS\SYSTEM32\QNFDFEMX.EXE
C:\WINDOWS\SYSTEM32\QQVPBXDM.EXE
C:\WINDOWS\SYSTEM32\QQYITVUK.EXE
C:\WINDOWS\SYSTEM32\QRXKPJLK.EXE
C:\WINDOWS\SYSTEM32\QTNRUQBV.EXE
C:\WINDOWS\SYSTEM32\RAVAPEKT.EXE
C:\WINDOWS\SYSTEM32\RBFYWNTQ.EXE
C:\WINDOWS\SYSTEM32\RGKIHRPQ.EXE
C:\WINDOWS\SYSTEM32\RJOSMSLF.EXE
C:\WINDOWS\SYSTEM32\RKRVNPVR.EXE
C:\WINDOWS\SYSTEM32\RRXEKASY.EXE
C:\WINDOWS\SYSTEM32\RTCCPSUS.EXE
C:\WINDOWS\SYSTEM32\RVCQABYW.EXE
C:\WINDOWS\SYSTEM32\RVKLMJTY.EXE
C:\WINDOWS\SYSTEM32\SAXHQXAV.EXE
C:\WINDOWS\SYSTEM32\SNKTFXAL.EXE
C:\WINDOWS\SYSTEM32\SPIVXAJE.EXE
C:\WINDOWS\SYSTEM32\SQFNBDXL.EXE
C:\WINDOWS\SYSTEM32\SRQTRYTI.EXE
C:\WINDOWS\SYSTEM32\STHPJQRI.EXE
C:\WINDOWS\SYSTEM32\SVBTDNUN.EXE
C:\WINDOWS\SYSTEM32\SVNORGSR.EXE
C:\WINDOWS\SYSTEM32\SVWRBWXP.EXE
C:\WINDOWS\SYSTEM32\TAHHHTSU.EXE
C:\WINDOWS\SYSTEM32\TBRPDAAQ.EXE
C:\WINDOWS\SYSTEM32\TTMGPHCH.EXE
C:\WINDOWS\SYSTEM32\TYACTIUS.EXE
C:\WINDOWS\SYSTEM32\TYNLWRMP.EXE
C:\WINDOWS\SYSTEM32\TYNVGTVE.EXE
C:\WINDOWS\SYSTEM32\UALAPBMM.EXE
C:\WINDOWS\SYSTEM32\UBNJQTXI.EXE
C:\WINDOWS\SYSTEM32\UFXABBAC.EXE
C:\WINDOWS\SYSTEM32\UISIORUC.EXE
C:\WINDOWS\SYSTEM32\UIXIHCQO.EXE
C:\WINDOWS\SYSTEM32\ULBFIDWX.EXE
C:\WINDOWS\SYSTEM32\UODPMRDJ.EXE
C:\WINDOWS\SYSTEM32\UOXQXMLS.EXE
C:\WINDOWS\SYSTEM32\USOVGBST.EXE
C:\WINDOWS\SYSTEM32\UTGHOMYQ.EXE
C:\WINDOWS\SYSTEM32\UUIWXUII.EXE
C:\WINDOWS\SYSTEM32\VHXMJVVK.EXE
C:\WINDOWS\SYSTEM32\VIUHGAUC.EXE
C:\WINDOWS\SYSTEM32\VJEDONKL.EXE
C:\WINDOWS\SYSTEM32\VXORMLDI.EXE
C:\WINDOWS\SYSTEM32\WDBURKGX.EXE
C:\WINDOWS\SYSTEM32\WDIWDJTF.EXE
C:\WINDOWS\SYSTEM32\WDTNMTXC.EXE
C:\WINDOWS\SYSTEM32\WEGAXJLW.EXE
C:\WINDOWS\SYSTEM32\WFKHXTBC.EXE
C:\WINDOWS\SYSTEM32\WGKSAFVC.EXE
C:\WINDOWS\SYSTEM32\WGVAHVCM.EXE
C:\WINDOWS\SYSTEM32\WHOBAYWM.EXE
C:\WINDOWS\SYSTEM32\WISPTIBN.EXE
C:\WINDOWS\SYSTEM32\WIWBIRME.EXE
C:\WINDOWS\SYSTEM32\WJFQHLUO.EXE
C:\WINDOWS\SYSTEM32\WLQVBRBH.EXE
C:\WINDOWS\SYSTEM32\WOPIDXCX.EXE
C:\WINDOWS\SYSTEM32\XBRONFCC.EXE
C:\WINDOWS\SYSTEM32\XDLYTWYF.EXE
C:\WINDOWS\SYSTEM32\XFNQJCPV.EXE
C:\WINDOWS\SYSTEM32\XGIHDHAK.EXE
C:\WINDOWS\SYSTEM32\XIGMELIW.EXE
C:\WINDOWS\SYSTEM32\XIKOQPUP.EXE
C:\WINDOWS\SYSTEM32\XJFSCILE.EXE
C:\WINDOWS\SYSTEM32\XKNUYEJM.EXE
C:\WINDOWS\SYSTEM32\XPNUJJJK.EXE
C:\WINDOWS\SYSTEM32\XPOSARNP.EXE
C:\WINDOWS\SYSTEM32\XRYVMRMH.EXE
C:\WINDOWS\SYSTEM32\XSDUDUDY.EXE
C:\WINDOWS\SYSTEM32\XWGPARAE.EXE
C:\WINDOWS\SYSTEM32\YELIECOD.EXE
C:\WINDOWS\SYSTEM32\YFFQHSJX.EXE
C:\WINDOWS\SYSTEM32\YMUAHQMP.EXE
C:\WINDOWS\SYSTEM32\YNSPWYFM.EXE
C:\WINDOWS\SYSTEM32\YOMKWJJW.EXE
C:\WINDOWS\SYSTEM32\YYATNRDJ.EXE
C:\WINDOWS\SYSTEM32\YYSWKMGD.EXE
C:\WINDOWS\Prefetch\AJAFTLUV.EXE-39431F8B.pf
C:\WINDOWS\Prefetch\ETSSXFBN.EXE-071A88E3.pf
C:\WINDOWS\Prefetch\GFCKFDOW.EXE-06012182.pf
C:\WINDOWS\Prefetch\LJTKXFHM.EXE-31395D0D.pf
C:\WINDOWS\Prefetch\NJTXVEUP.EXE-1132D9AA.pf
C:\WINDOWS\Prefetch\OCYFSWVY.EXE-22DC16B0.pf
C:\WINDOWS\Prefetch\QHGSQNIN.EXE-1CF79283.pf
C:\WINDOWS\Prefetch\QQVPBXDM.EXE-1DC801A1.pf
C:\WINDOWS\Prefetch\SVBTDNUN.EXE-3542BFA0.pf

**cavee** · 2008-03-18, 03:16

Adware.Vundo-Variant/Small-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122758.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124780.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124782.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124783.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127562.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127702.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128940.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129103.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131127.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131254.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131255.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131336.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131337.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131338.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131424.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134593.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134594.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137627.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137735.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138665.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138786.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138802.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138811.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138823.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138836.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138840.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138843.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138849.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138858.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138901.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138903.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138909.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138918.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138930.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138937.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138942.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138943.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138945.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138949.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138951.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138965.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138966.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138973.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138983.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138992.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138996.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138998.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139000.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139012.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139021.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139022.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139038.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139040.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139044.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139047.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139057.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139058.DLL
C:\WINDOWS\SYSTEM32\IHWKLJJU.DLL
C:\WINDOWS\SYSTEM32\NOAJEGRO.DLL

Trojan.Download-Gen/DSPRPRE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135716.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135725.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135734.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135749.DLL

Trojan.Downloader-Gen/AllowCookie
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135741.EXE

Trojan.Downloader-Gen/TStamp
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135849.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135895.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135926.EXE

Adware.Vundo/Traff-2
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135887.EXE

Trojan.Unclassified/Dropper-B
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137696.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138774.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138799.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138810.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138825.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138867.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138931.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139001.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139020.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139042.DLL

Adware.Vundo-Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138666.DLL

Adware.Vundo-Variant/B
C:\WINDOWS\SYSTEM32\ASFERRO.28

Trojan.WinFixer
C:\WINDOWS\SYSTEM32\DDCCB.DLL

**steamwiz** · 2008-03-18, 22:56

HI

Combofix, Ccleaner & SUPERAntiSpyware have removed a LOT of malware, so I would like to see some new logs please, to see just what is left to remove ...

First ... run a new Combofix scan, same as before & post the new log ...

Second ... please run hijackthis and post the new log ...

Third ... please run a new KASPERSKY ONLINE SCAN & post the log (it will be a lot shorter now)

steam

**cavee** · 2008-03-19, 03:55

Hi Steam, here's my Combofix log:

ComboFix 08-03-14.4 - in hong chong 2008-03-18 21:10:23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.239 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000111_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 18:41 . 2008-03-14 22:04 1,366,923 ---hs---- C:\WINDOWS\SYSTEM32\nradiffq.ini
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-13 18:33 . 2008-03-13 18:38 1,346,717 ---hs---- C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 19:12 . 2008-03-13 18:33 1,346,570 ---hs---- C:\WINDOWS\SYSTEM32\dnrfhvki.ini
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-08 21:48 . 2008-03-08 21:48 1,307,561 ---hs---- C:\WINDOWS\SYSTEM32\espobsqd.ini
2008-03-08 20:46 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
2008-03-07 21:47 . 2008-03-08 20:48 1,307,648 ---hs---- C:\WINDOWS\SYSTEM32\eqnvihkd.ini
2008-03-06 21:44 . 2008-03-07 18:10 1,306,737 ---hs---- C:\WINDOWS\SYSTEM32\oawvheed.ini
2008-03-05 21:46 . 2008-03-06 17:39 1,307,452 ---hs---- C:\WINDOWS\SYSTEM32\xoifusud.ini
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-03 19:55 . 2008-03-03 19:55 1,302,442 ---hs---- C:\WINDOWS\SYSTEM32\gnopfhwh.ini
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod
2008-02-20 12:09 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
2008-02-19 15:34 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:57 --------- d-----w C:\Program Files\QuickTime
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-14 21:45 --------- d-----w C:\Program Files\iTunes
2008-03-14 21:45 --------- d-----w C:\Program Files\DellSupport
2008-03-14 21:44 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-14 21:27 94,208 ----a-w C:\WINDOWS\SYSTEM32\igfxtray .exe
2008-03-14 21:27 77,824 ----a-w C:\WINDOWS\SYSTEM32\hkcmd .exe
2008-03-14 21:27 114,688 ----a-w C:\WINDOWS\SYSTEM32\igfxpers .exe
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
2008-03-10 01:10 3,289 ----a-w C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-10 00:04 15,360 ----a-w C:\WINDOWS\SYSTEM32\ctfmon .exe
2008-03-06 00:55 98,048 ----a-w C:\WINDOWS\SYSTEM32\asferro.dll
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
2007-06-09 16:10 1,816,394 --sha-w C:\WINDOWS\Cursors\cdoavg.tmp
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.

Code:

<pre>
----a-w            39,792 2008-03-14 21:27:41  C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
----a-w         1,388,544 2008-03-14 21:27:20  C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
----a-w           159,832 2008-03-14 21:27:21  C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
----a-w           290,816 2008-03-14 21:27:15  C:\Program Files\Dell\Media Experience\PCMService .exe
----a-w           202,544 2008-03-14 21:28:01  C:\Program Files\Dell Support Center\bin\sprtcmd .exe
----a-w            16,384 2008-03-14 21:27:37  C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
----a-w           460,784 2008-03-14 21:27:56  C:\Program Files\DellSupport\DSAgnt .exe
----a-w            49,152 2008-03-14 21:27:36  C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w           267,048 2008-03-14 21:27:44  C:\Program Files\iTunes\iTunesHelper .exe
----a-w            32,881 2008-03-14 21:27:07  C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
----a-w           303,104 2008-03-14 21:27:16  C:\Program Files\McAfee.com\Agent\mcagent .exe
----a-w           212,992 2008-03-14 21:26:42  C:\Program Files\McAfee.com\Agent\mcupdate  .exe
----a-w           212,992 2008-03-02 04:10:36  C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w           212,992 2008-03-01 23:19:01  C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w         1,327,104 2008-03-14 21:27:23  C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
----a-w           139,264 2008-03-14 21:27:14  C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
----a-w           180,224 2008-03-14 21:27:18  C:\Program Files\McAfee.com\VSO\mcvsshld .exe
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask             .exe
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask            .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask           .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask          .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask         .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask        .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask       .exe
----a-w           385,024 2008-03-10 00:56:47  C:\Program Files\QuickTime\qttask   .exe
----a-w            26,112 2008-02-17 22:03:32  C:\Program Files\Real\RealPlayer\RealPlay .exe
----a-w            53,248 2008-03-14 21:27:33  C:\Program Files\SmileyDistrict\plugin .exe
----a-w            15,360 2008-03-10 00:04:21  C:\WINDOWS\SYSTEM32\ctfmon .exe
----a-w            77,824 2008-03-14 21:27:31  C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w           114,688 2008-03-14 21:27:33  C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w            94,208 2008-03-14 21:27:24  C:\WINDOWS\SYSTEM32\igfxtray .exe
</pre>

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"fresxstyle"="lockbar.exe" []
"MSI Configuration"="msiconf.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"fresxstyle"="lockbar.exe" []
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"0cf5bf5f"="C:\WINDOWS\system32\qffidarn.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"="lockbar.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
awtstuu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]
vtsqo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - SASDIFSV
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 21:14:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-18 21:15:38
ComboFix-quarantined-files.txt 2008-03-19 02:15:04
ComboFix2.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---

**cavee** · 2008-03-19, 03:56

Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:55 PM, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [fresxstyle] lockbar.exe
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [0cf5bf5f] rundll32.exe "C:\WINDOWS\system32\qffidarn.dll",b
O4 - HKLM\..\RunServices: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...S_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...p1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/actives.../asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtstuu - awtstuu.dll (file missing)
O20 - Winlogon Notify: vtsqo - vtsqo.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8828 bytes

**cavee** · 2008-03-19, 03:58

And here is my Kaspersky log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 18, 2008 10:44:22 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 19/03/2008
Kaspersky Anti-Virus database records: 639642
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 69868
Number of viruses found: 37
Number of infected objects: 583
Number of suspicious objects: 1
Duration of the scan process: 01:15:00

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd001.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-3-18-2008( 20-55-35 ).LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\MSHist012008031820080319\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\QooBox\Quarantine\C\Program Files\PopsMedia Site Adviser\vm5_killer.exe.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvqhdjp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\awtstrr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ayrcckff.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcpmxoqj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfeucled.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfrskukv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bmqhiimk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bxpqckyd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cniwoxwg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\coptscfq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crkuftym.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\daaorewl.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ddcbbab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dfblhsai.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dgheswnk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dhrqaihw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djnykprh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlkbqktx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnfhhqnf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnjayhyq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\lpjcqiax.dat.vir Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dwtkkagy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebejlork.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebhknmid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eewcqufr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eidsocxs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ekhtbdla.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\epgdhegv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eqbrcbfu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\esivfaub.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ewdhmxns.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixf skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fauhumhe.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fneqxbhs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fnmlajpb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jxa skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fqkwfcjt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fvmwutyh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fykatsvb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gdanhidc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gebbbyx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmotpvbj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gspccmeu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gxbeniiq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\havndcbb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hdmjtxmp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hkbvlflj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hnokesms.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hqmxnwoh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hvqiaamn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ideqpfqv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iifcbcy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iwtjlqyl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iybfqbur.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkyuxhvv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jldsntwo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jyfnjgds.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kcfeanty.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kemqkked.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpviwyrb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lcbidetx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lgkrnbqt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpgngthf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lptqwbku.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lxpqdpgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdstnfiv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mljjhgg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mlrdamcn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrorqvca.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrscswqk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mtfbjukg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mwiqvvej.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nkfwcnvs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nktwhnje.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nmyffpid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nnnnmno.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\npjjnhoo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nracbdsg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntgxabbu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nujpiphq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvlrdajn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oamvyfif.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obcjluer.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obmkvhrh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ocdclxag.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odjaqagk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odqidynf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oeeskshl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\onvhkukq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnlkig.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnllij.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnopml.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqehngjb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oyuoumuy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pcwfhqma.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pmurvftk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pvkhuwxo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qmresxwf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qpitrvus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qxgdajup.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rqronnl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvfeehky.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvhajdab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvrmoeha.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvxjuuta.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rwpokqto.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rxahjbxf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ryrrkcgr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\spguythh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srcjhqvo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\stgncecb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sulnevrl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\syyambqf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped

Thread: Hijackthis Report

Thread Tools

Display

Posting Permissions