Hijackthis Report

Status
Not open for further replies.
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132546.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132547.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132548.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132551.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132585.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132593.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132594.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132596.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132650.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0132651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133582.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0133632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134601.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134623.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134624.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134625.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0134673.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135595.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135597.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135598.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135599.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135600.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135602.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135603.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135604.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135605.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135606.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135607.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135608.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135609.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135610.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135611.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135612.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135613.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135614.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135615.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135616.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135617.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135618.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135619.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135620.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135621.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135622.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135632.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135638.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135644.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135656.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135664.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135665.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135696.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135699.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135700.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135701.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135702.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135703.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135704.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135705.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135706.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135780.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136629.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136630.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0136631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136991.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136998.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0136999.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137000.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137631.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137633.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137634.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137635.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137636.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137637.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137639.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137640.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137641.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137642.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137643.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137645.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137646.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137647.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137648.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137649.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137651.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137652.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137653.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137654.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137655.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137657.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137658.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137659.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp161\a0137661.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137697.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137698.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp162\a0137700.exe
 
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137701.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137702.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137703.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137704.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137716.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137721.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137722.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137725.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137727.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137728.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137729.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137730.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137732.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137733.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138632.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138638.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138646.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138678.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138679.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138681.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138692.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138693.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138696.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138750.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138751.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138752.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138755.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139184.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139185.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139186.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139187.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139188.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139189.EXE

Trojan.Downloader-SpyTool
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ACSQSWEX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AJINAYEY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AQVTJXWA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYGYWTHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCXNFSC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ENCEHYLX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JATKCPVM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JPJUNXOU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MRBANTAU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ODHFHKSJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TXQTWUVT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WBGHYHNI.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138769.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138772.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138776.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138778.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138833.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138834.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138887.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138897.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138929.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138950.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139017.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139035.DLL

Trojan.Downloader-CREW
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEPWLKBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AEYMFDXC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\APQHTUDT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AYMYDQUR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BBWLIDJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BHOTIGGF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BJDOUVUC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BTCXTEWP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\BVTYJOWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFELXTRS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CFPKYYDB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CGFRYFKQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNXHSCRY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CQQEVDNM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CWRHGMTR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CXLPKHGP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CYSHLDWU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNIUGREU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DNSLCHWB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPCTQYXQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DPTQNCRJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DQGKCIOC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DTWQEPII.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DYYVNPAW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EJUJGQMC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ELLTTSWY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EMCNNXOS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\EVONDEVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FBAQRIXJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHSJKLVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FHWEPGLV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FILGUPRL.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FODWCMJN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FXNTHWST.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\FYFIRBVK.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GCWQQVYP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\GTUYYLWJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBLHGFCA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HBRQCJNV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HFITGQWW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HIWMLNJO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HRQHBWVS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\HTTXPWNB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\IQVBSBCE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JCILJEKF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JDSGKRPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JKNJWXAS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JMTSNHYR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JNNHSNDN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JTGNRWYH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JUKDYEJG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\JVDUOAYW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KANXIVVQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KMDYRWEO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\KRQOQLEG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LCCFIGXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LORDEQBP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LSPSHWPT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\LUSAMOSN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBBJLYBW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MBEWTACA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MPFAKMDE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\MVCXKWSU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NFHFTULO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\NPNNQGGA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OLLVOUWO.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OMCKTEVR.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OUHERYEB.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\OVMRLFTQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PCYWXMEH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PIVGNWWF.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PLUSFTJP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMRKQOBS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PMUXJWTY.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\PUVEVYVC.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QLIBIDNS.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\QSXBARKG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RDEBJTYU.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\RNHKGWGM.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SIVPWLFD.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\SWYMCDXT.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TBKXTSQJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TEDIOULN.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TKBEXYDH.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TOMCOTEJ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TTFKAOGE.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TVJEQGPQ.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\TYRKSHDA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOFSXOID.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UOKTGIER.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\UWQPDKSW.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VAOKRTXA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VCIPBIOV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VGLKXKRA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VMEULKHI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\VOBJIUPG.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\WRADTLDI.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XKYWANFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XNCQFAWX.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\XSVOQENV.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\YPUSFRGW.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138770.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138771.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138779.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138781.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138785.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138787.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138791.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138792.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138794.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138795.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138796.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138798.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138800.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138803.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138804.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138805.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138815.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138817.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138818.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138819.DLL
 
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138820.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138822.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138824.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138829.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138831.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138832.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138839.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138842.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138844.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138845.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138846.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138850.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138854.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138855.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138857.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138862.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138868.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138869.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138871.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138872.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138877.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138878.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138884.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138888.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138890.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138891.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138895.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138896.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138898.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138899.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138900.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138902.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138907.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138910.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138913.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138915.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138919.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138920.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138922.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138923.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138927.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138933.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138935.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138941.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138954.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138955.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138963.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138964.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138967.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138970.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138971.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138972.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138974.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138975.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138978.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138981.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138984.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138987.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138997.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139003.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139005.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139006.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139008.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139010.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139011.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139015.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139018.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139025.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139026.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139029.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139030.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139031.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139032.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139033.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139041.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139045.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139046.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139049.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139054.DLL
C:\WINDOWS\SYSTEM32\KCAAMNGA.DLL
C:\WINDOWS\SYSTEM32\NBUTFNDQ.DLL
C:\WINDOWS\SYSTEM32\NELWIIPD.DLL
C:\WINDOWS\SYSTEM32\OQFMNLXA.DLL
C:\WINDOWS\SYSTEM32\RGCUHIPU.DLL
C:\WINDOWS\SYSTEM32\ULHFXUAD.DLL

Trojan.Unknown Origin
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\AMSTREA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\ATL7.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\C.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CMPROP.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\CNVFA.DLL.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\DX3.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138763.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138764.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138765.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138766.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138767.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138768.DLL

Trojan.Download-Gen/N_BHO
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP131\A0108028.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114056.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0114083.DLL

Trojan.Downloader-Gen/LIB
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113904.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113905.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113907.DLL

Trojan.Unclassified-Packed/Suspicious
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114393.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114775.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP135\A0114801.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129095.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131538.DLL

Adware.eZula
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP136\A0115356.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135707.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135710.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135711.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135712.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135713.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135714.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135715.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135717.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135718.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135719.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135723.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135724.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135727.EXE
 
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135728.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135729.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135730.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135731.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135732.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135733.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135735.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135736.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135739.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135740.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135742.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135743.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135744.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135745.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135746.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135748.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135750.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135752.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135753.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135755.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135756.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135757.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135758.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135759.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135760.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135761.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135762.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135763.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135764.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135765.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135766.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135768.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135770.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135771.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135772.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135773.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135774.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135776.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135777.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135781.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135782.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135783.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135785.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135786.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135788.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135789.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135790.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135791.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135792.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135793.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135794.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135795.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135797.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135798.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135799.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135800.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135801.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135802.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135803.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135804.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135805.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135806.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135807.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135808.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135809.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135811.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135812.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135813.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135814.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135815.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135816.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135817.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135819.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135820.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135821.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135822.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135823.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135824.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135825.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135827.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135828.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135830.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135831.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135832.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135833.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135834.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135835.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135836.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135837.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135838.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135839.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135840.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135841.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135842.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135843.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135844.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135845.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135848.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135850.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135851.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135853.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135854.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135856.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135857.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135858.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135859.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135860.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135862.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135863.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135864.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135865.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135866.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135867.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135868.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135869.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135870.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135871.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135873.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135874.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135875.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135876.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135877.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135878.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135880.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135882.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135883.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135884.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135885.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135886.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135888.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135889.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135890.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135891.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135892.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135893.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135896.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135897.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135898.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135899.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135901.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135902.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135903.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135904.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135906.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135907.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135909.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135910.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135911.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135912.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135914.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135915.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135916.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135918.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135919.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135920.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135921.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135922.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135923.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135925.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135927.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135928.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135929.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135930.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135931.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135932.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135933.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135934.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135935.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135936.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135937.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135938.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135939.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135940.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135941.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135942.exe
C:\system Volume Information\_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp159\a0135943.exe
 
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135944.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135945.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135946.EXE
C:\WINDOWS\SYSTEM32\CSKFMMOD.EXE
C:\WINDOWS\SYSTEM32\TOQMVAPJ.EXE

Adware.WhenU
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP149\A0119985.EXE

Trojan.Downloader-Gen/HardFall
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120430.DLL

Trojan.Downloader-Gen/DDC
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120484.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120497.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120519.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120545.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120640.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120731.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120825.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0120927.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121039.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121143.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121239.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP151\A0121343.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121373.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP152\A0121547.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0121652.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122666.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122842.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123767.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123786.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP158\A0127175.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127300.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127568.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127585.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127726.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127829.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127925.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128029.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128947.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128967.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128985.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129003.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0130140.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131135.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131214.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132458.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132584.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133581.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137709.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137715.EXE
C:\WINDOWS\SYSTEM32\ABOPKXNN.EXE
C:\WINDOWS\SYSTEM32\ABRMUKXQ.EXE
C:\WINDOWS\SYSTEM32\ADNEYROS.EXE
C:\WINDOWS\SYSTEM32\AICUUPCL.EXE
C:\WINDOWS\SYSTEM32\AJAFTLUV.EXE
C:\WINDOWS\SYSTEM32\AJQKHTNJ.EXE
C:\WINDOWS\SYSTEM32\ASQNYAXS.EXE
C:\WINDOWS\SYSTEM32\AUPQYFOX.EXE
C:\WINDOWS\SYSTEM32\AXUSURMA.EXE
C:\WINDOWS\SYSTEM32\BELYHISU.EXE
C:\WINDOWS\SYSTEM32\BODFUBGB.EXE
C:\WINDOWS\SYSTEM32\BUTYSGYW.EXE
C:\WINDOWS\SYSTEM32\BXVXBQLT.EXE
C:\WINDOWS\SYSTEM32\CAADWCLU.EXE
C:\WINDOWS\SYSTEM32\CBDLHXKQ.EXE
C:\WINDOWS\SYSTEM32\CGNFGLUO.EXE
C:\WINDOWS\SYSTEM32\CHHJGKLX.EXE
C:\WINDOWS\SYSTEM32\CHPRIHUS.EXE
C:\WINDOWS\SYSTEM32\CHWMTECM.EXE
C:\WINDOWS\SYSTEM32\CIOFSJXK.EXE
C:\WINDOWS\SYSTEM32\CIVTYLOH.EXE
C:\WINDOWS\SYSTEM32\CLFMBVIH.EXE
C:\WINDOWS\SYSTEM32\CMLRRDIO.EXE
C:\WINDOWS\SYSTEM32\CNUXFJFU.EXE
C:\WINDOWS\SYSTEM32\CPUWBVLS.EXE
C:\WINDOWS\SYSTEM32\CQFGVHHS.EXE
C:\WINDOWS\SYSTEM32\CSKOCLBQ.EXE
C:\WINDOWS\SYSTEM32\CSKSNKPO.EXE
C:\WINDOWS\SYSTEM32\CVCFGYXC.EXE
C:\WINDOWS\SYSTEM32\CVWVUKWI.EXE
C:\WINDOWS\SYSTEM32\CXOKBMHQ.EXE
C:\WINDOWS\SYSTEM32\DHLNWHWB.EXE
C:\WINDOWS\SYSTEM32\DIHQVAMA.EXE
C:\WINDOWS\SYSTEM32\DLYNUCSM.EXE
C:\WINDOWS\SYSTEM32\DOQETALD.EXE
C:\WINDOWS\SYSTEM32\DPCJHGKL.EXE
C:\WINDOWS\SYSTEM32\DPLILKAI.EXE
C:\WINDOWS\SYSTEM32\DSDJXBTU.EXE
C:\WINDOWS\SYSTEM32\DTMGKLDT.EXE
C:\WINDOWS\SYSTEM32\DTWQTQXX.EXE
C:\WINDOWS\SYSTEM32\DUKOIDVG.EXE
C:\WINDOWS\SYSTEM32\DVLYDUDR.EXE
C:\WINDOWS\SYSTEM32\DXPORYOE.EXE
C:\WINDOWS\SYSTEM32\DYPYLIRP.EXE
C:\WINDOWS\SYSTEM32\EAQCGYOO.EXE
C:\WINDOWS\SYSTEM32\ECPBSKLW.EXE
C:\WINDOWS\SYSTEM32\EDKGSODR.EXE
C:\WINDOWS\SYSTEM32\EFMAGKXX.EXE
C:\WINDOWS\SYSTEM32\EFNVEAIX.EXE
C:\WINDOWS\SYSTEM32\EFUPAJQN.EXE
C:\WINDOWS\SYSTEM32\EIVPLOVL.EXE
C:\WINDOWS\SYSTEM32\ETJWCTDE.EXE
C:\WINDOWS\SYSTEM32\ETSSXFBN.EXE
C:\WINDOWS\SYSTEM32\EVEODDHJ.EXE
C:\WINDOWS\SYSTEM32\EXKOEBKK.EXE
C:\WINDOWS\SYSTEM32\EYVBHFYX.EXE
C:\WINDOWS\SYSTEM32\FAWUXLKC.EXE
C:\WINDOWS\SYSTEM32\FDMIYBCR.EXE
C:\WINDOWS\SYSTEM32\FITPMATB.EXE
C:\WINDOWS\SYSTEM32\FLEHWQMP.EXE
C:\WINDOWS\SYSTEM32\FNWISJYI.EXE
C:\WINDOWS\SYSTEM32\FTELINOP.EXE
C:\WINDOWS\SYSTEM32\FTIUDBXJ.EXE
C:\WINDOWS\SYSTEM32\GFCKFDOW.EXE
C:\WINDOWS\SYSTEM32\GFDECLTK.EXE
C:\WINDOWS\SYSTEM32\GFRQBMIW.EXE
C:\WINDOWS\SYSTEM32\GHXBJDYT.EXE
C:\WINDOWS\SYSTEM32\GJFFCFET.EXE
C:\WINDOWS\SYSTEM32\GJYJQHID.EXE
C:\WINDOWS\SYSTEM32\GOMDNEFD.EXE
C:\WINDOWS\SYSTEM32\GTIQWSEF.EXE
C:\WINDOWS\SYSTEM32\GUVASNDS.EXE
C:\WINDOWS\SYSTEM32\GUVTNWIN.EXE
C:\WINDOWS\SYSTEM32\GVQNEDOO.EXE
C:\WINDOWS\SYSTEM32\HDXTFJDY.EXE
C:\WINDOWS\SYSTEM32\HEETIFVW.EXE
C:\WINDOWS\SYSTEM32\HFETVTWF.EXE
C:\WINDOWS\SYSTEM32\HFRVYKSC.EXE
C:\WINDOWS\SYSTEM32\HFSGDSHB.EXE
C:\WINDOWS\SYSTEM32\HHVXTUKU.EXE
C:\WINDOWS\SYSTEM32\HIOAXNVO.EXE
C:\WINDOWS\SYSTEM32\HKLPBYGN.EXE
C:\WINDOWS\SYSTEM32\HLERJSYX.EXE
C:\WINDOWS\SYSTEM32\HOERRTEC.EXE
C:\WINDOWS\SYSTEM32\HPIBDNPI.EXE
C:\WINDOWS\SYSTEM32\HSFGUMCC.EXE
C:\WINDOWS\SYSTEM32\HTJNNCPQ.EXE
C:\WINDOWS\SYSTEM32\HTKHAHMR.EXE
C:\WINDOWS\SYSTEM32\HTUJEFMN.EXE
C:\WINDOWS\SYSTEM32\IFAIUORN.EXE
C:\WINDOWS\SYSTEM32\IGBMVWHH.EXE
C:\WINDOWS\SYSTEM32\IHCYNRWG.EXE
C:\WINDOWS\SYSTEM32\IHOHYFUC.EXE
C:\WINDOWS\SYSTEM32\IKCOWHKA.EXE
C:\WINDOWS\SYSTEM32\ILBXNTWP.EXE
C:\WINDOWS\SYSTEM32\INBBODRF.EXE
C:\WINDOWS\SYSTEM32\INJUNTFM.EXE
C:\WINDOWS\SYSTEM32\IODBUCUI.EXE
C:\WINDOWS\SYSTEM32\IRHCKNRM.EXE
C:\WINDOWS\SYSTEM32\IVIJCKKV.EXE
C:\WINDOWS\SYSTEM32\JFTRFCQD.EXE
C:\WINDOWS\SYSTEM32\JHFNVIQU.EXE
C:\WINDOWS\SYSTEM32\JIBGVBER.EXE
C:\WINDOWS\SYSTEM32\JKQJUQKC.EXE
C:\WINDOWS\SYSTEM32\JQNIUBCS.EXE
C:\WINDOWS\SYSTEM32\JSCYLVJK.EXE
C:\WINDOWS\SYSTEM32\JTTGMHAH.EXE
C:\WINDOWS\SYSTEM32\JWJEERXD.EXE
C:\WINDOWS\SYSTEM32\JYEULJMF.EXE
C:\WINDOWS\SYSTEM32\KGPYAVGW.EXE
C:\WINDOWS\SYSTEM32\KMGUVNSE.EXE
C:\WINDOWS\SYSTEM32\KSLLYBPE.EXE
C:\WINDOWS\SYSTEM32\KTEGFYCP.EXE
C:\WINDOWS\SYSTEM32\KUFNQQUD.EXE
C:\WINDOWS\SYSTEM32\LBCIDWTH.EXE
C:\WINDOWS\SYSTEM32\LENIXRCG.EXE
C:\WINDOWS\SYSTEM32\LJTKXFHM.EXE
C:\WINDOWS\SYSTEM32\LNQDXGDF.EXE
C:\WINDOWS\SYSTEM32\LPLEOBUJ.EXE
C:\WINDOWS\SYSTEM32\LPNSYBRT.EXE
C:\WINDOWS\SYSTEM32\LQQBMVUL.EXE
C:\WINDOWS\SYSTEM32\LRAVHFCH.EXE
C:\WINDOWS\SYSTEM32\LSYIHBOI.EXE
C:\WINDOWS\SYSTEM32\LWNOUNVE.EXE
C:\WINDOWS\SYSTEM32\LXNBOQLD.EXE
C:\WINDOWS\SYSTEM32\MHVIUPFA.EXE
C:\WINDOWS\SYSTEM32\MJDYESHR.EXE
C:\WINDOWS\SYSTEM32\MKEBSVRP.EXE
C:\WINDOWS\SYSTEM32\MLGUWAJY.EXE
C:\WINDOWS\SYSTEM32\MMHXWKLC.EXE
C:\WINDOWS\SYSTEM32\MMNAQSET.EXE
C:\WINDOWS\SYSTEM32\MONFBUFW.EXE
C:\WINDOWS\SYSTEM32\MORAGHRW.EXE
C:\WINDOWS\SYSTEM32\MQXRYFUH.EXE
C:\WINDOWS\SYSTEM32\MRFJYXHJ.EXE
C:\WINDOWS\SYSTEM32\MRSTUMBI.EXE
C:\WINDOWS\SYSTEM32\MXXDNWLE.EXE
C:\WINDOWS\SYSTEM32\NBEETCVI.EXE
C:\WINDOWS\SYSTEM32\NCRFDXGD.EXE
C:\WINDOWS\SYSTEM32\NEBASIRA.EXE
C:\WINDOWS\SYSTEM32\NJTXJGSV.EXE
C:\WINDOWS\SYSTEM32\NJTXVEUP.EXE
C:\WINDOWS\SYSTEM32\NNONVXXF.EXE
C:\WINDOWS\SYSTEM32\NQCVQKFQ.EXE
C:\WINDOWS\SYSTEM32\NTQFARWL.EXE
C:\WINDOWS\SYSTEM32\NVFWKWLY.EXE
C:\WINDOWS\SYSTEM32\OAUUFHPQ.EXE
C:\WINDOWS\SYSTEM32\OBEOOWMX.EXE
C:\WINDOWS\SYSTEM32\OBRIBWCB.EXE
C:\WINDOWS\SYSTEM32\OBWSBCJQ.EXE
C:\WINDOWS\SYSTEM32\OCMXIGRX.EXE
C:\WINDOWS\SYSTEM32\OCTEBKYH.EXE
C:\WINDOWS\SYSTEM32\OCTEGDYB.EXE
C:\WINDOWS\SYSTEM32\OCYFSWVY.EXE
C:\WINDOWS\SYSTEM32\ODLHVMQI.EXE
C:\WINDOWS\SYSTEM32\OJSHCWJJ.EXE
C:\WINDOWS\SYSTEM32\OKRXDNPB.EXE
C:\WINDOWS\SYSTEM32\OLPMCOUF.EXE
C:\WINDOWS\SYSTEM32\OMPCORPH.EXE
C:\WINDOWS\SYSTEM32\ONSDQBNB.EXE
C:\WINDOWS\SYSTEM32\OQKHLPCX.EXE
C:\WINDOWS\SYSTEM32\OQRLWSOE.EXE
C:\WINDOWS\SYSTEM32\OQTLOEWA.EXE
C:\WINDOWS\SYSTEM32\OVPQLYEO.EXE
C:\WINDOWS\SYSTEM32\OWAMVYSE.EXE
C:\WINDOWS\SYSTEM32\OWTAQAXQ.EXE
C:\WINDOWS\SYSTEM32\OXGMTYUC.EXE
C:\WINDOWS\SYSTEM32\PANGQBPN.EXE
C:\WINDOWS\SYSTEM32\PFNGDMDM.EXE
C:\WINDOWS\SYSTEM32\PGXTRTRJ.EXE
C:\WINDOWS\SYSTEM32\PIGAEXND.EXE
C:\WINDOWS\SYSTEM32\PKBXTQDB.EXE
C:\WINDOWS\SYSTEM32\PKMETMGD.EXE
C:\WINDOWS\SYSTEM32\PMUXDKMX.EXE
C:\WINDOWS\SYSTEM32\PRJXFIOX.EXE
C:\WINDOWS\SYSTEM32\PSFVOCQQ.EXE
C:\WINDOWS\SYSTEM32\PTORVXMR.EXE
C:\WINDOWS\SYSTEM32\PUOABXYG.EXE
C:\WINDOWS\SYSTEM32\QAMCFCOT.EXE
C:\WINDOWS\SYSTEM32\QEPHFUYA.EXE
C:\WINDOWS\SYSTEM32\QFJBDEEV.EXE
C:\WINDOWS\SYSTEM32\QHGSQNIN.EXE
C:\WINDOWS\SYSTEM32\QHUMUTJD.EXE
C:\WINDOWS\SYSTEM32\QHWWRHMV.EXE
C:\WINDOWS\SYSTEM32\QIOFSLHR.EXE
C:\WINDOWS\SYSTEM32\QIPQASVB.EXE
C:\WINDOWS\SYSTEM32\QJECLODX.EXE
C:\WINDOWS\SYSTEM32\QKVSMAKA.EXE
C:\WINDOWS\SYSTEM32\QNFDFEMX.EXE
C:\WINDOWS\SYSTEM32\QQVPBXDM.EXE
C:\WINDOWS\SYSTEM32\QQYITVUK.EXE
C:\WINDOWS\SYSTEM32\QRXKPJLK.EXE
C:\WINDOWS\SYSTEM32\QTNRUQBV.EXE
C:\WINDOWS\SYSTEM32\RAVAPEKT.EXE
C:\WINDOWS\SYSTEM32\RBFYWNTQ.EXE
C:\WINDOWS\SYSTEM32\RGKIHRPQ.EXE
C:\WINDOWS\SYSTEM32\RJOSMSLF.EXE
C:\WINDOWS\SYSTEM32\RKRVNPVR.EXE
C:\WINDOWS\SYSTEM32\RRXEKASY.EXE
C:\WINDOWS\SYSTEM32\RTCCPSUS.EXE
C:\WINDOWS\SYSTEM32\RVCQABYW.EXE
C:\WINDOWS\SYSTEM32\RVKLMJTY.EXE
C:\WINDOWS\SYSTEM32\SAXHQXAV.EXE
C:\WINDOWS\SYSTEM32\SNKTFXAL.EXE
C:\WINDOWS\SYSTEM32\SPIVXAJE.EXE
C:\WINDOWS\SYSTEM32\SQFNBDXL.EXE
C:\WINDOWS\SYSTEM32\SRQTRYTI.EXE
C:\WINDOWS\SYSTEM32\STHPJQRI.EXE
C:\WINDOWS\SYSTEM32\SVBTDNUN.EXE
C:\WINDOWS\SYSTEM32\SVNORGSR.EXE
C:\WINDOWS\SYSTEM32\SVWRBWXP.EXE
C:\WINDOWS\SYSTEM32\TAHHHTSU.EXE
C:\WINDOWS\SYSTEM32\TBRPDAAQ.EXE
C:\WINDOWS\SYSTEM32\TTMGPHCH.EXE
C:\WINDOWS\SYSTEM32\TYACTIUS.EXE
C:\WINDOWS\SYSTEM32\TYNLWRMP.EXE
C:\WINDOWS\SYSTEM32\TYNVGTVE.EXE
C:\WINDOWS\SYSTEM32\UALAPBMM.EXE
C:\WINDOWS\SYSTEM32\UBNJQTXI.EXE
C:\WINDOWS\SYSTEM32\UFXABBAC.EXE
C:\WINDOWS\SYSTEM32\UISIORUC.EXE
C:\WINDOWS\SYSTEM32\UIXIHCQO.EXE
C:\WINDOWS\SYSTEM32\ULBFIDWX.EXE
C:\WINDOWS\SYSTEM32\UODPMRDJ.EXE
C:\WINDOWS\SYSTEM32\UOXQXMLS.EXE
C:\WINDOWS\SYSTEM32\USOVGBST.EXE
C:\WINDOWS\SYSTEM32\UTGHOMYQ.EXE
C:\WINDOWS\SYSTEM32\UUIWXUII.EXE
C:\WINDOWS\SYSTEM32\VHXMJVVK.EXE
C:\WINDOWS\SYSTEM32\VIUHGAUC.EXE
C:\WINDOWS\SYSTEM32\VJEDONKL.EXE
C:\WINDOWS\SYSTEM32\VXORMLDI.EXE
C:\WINDOWS\SYSTEM32\WDBURKGX.EXE
C:\WINDOWS\SYSTEM32\WDIWDJTF.EXE
C:\WINDOWS\SYSTEM32\WDTNMTXC.EXE
C:\WINDOWS\SYSTEM32\WEGAXJLW.EXE
C:\WINDOWS\SYSTEM32\WFKHXTBC.EXE
C:\WINDOWS\SYSTEM32\WGKSAFVC.EXE
C:\WINDOWS\SYSTEM32\WGVAHVCM.EXE
C:\WINDOWS\SYSTEM32\WHOBAYWM.EXE
C:\WINDOWS\SYSTEM32\WISPTIBN.EXE
C:\WINDOWS\SYSTEM32\WIWBIRME.EXE
C:\WINDOWS\SYSTEM32\WJFQHLUO.EXE
C:\WINDOWS\SYSTEM32\WLQVBRBH.EXE
C:\WINDOWS\SYSTEM32\WOPIDXCX.EXE
C:\WINDOWS\SYSTEM32\XBRONFCC.EXE
C:\WINDOWS\SYSTEM32\XDLYTWYF.EXE
C:\WINDOWS\SYSTEM32\XFNQJCPV.EXE
C:\WINDOWS\SYSTEM32\XGIHDHAK.EXE
C:\WINDOWS\SYSTEM32\XIGMELIW.EXE
C:\WINDOWS\SYSTEM32\XIKOQPUP.EXE
C:\WINDOWS\SYSTEM32\XJFSCILE.EXE
C:\WINDOWS\SYSTEM32\XKNUYEJM.EXE
C:\WINDOWS\SYSTEM32\XPNUJJJK.EXE
C:\WINDOWS\SYSTEM32\XPOSARNP.EXE
C:\WINDOWS\SYSTEM32\XRYVMRMH.EXE
C:\WINDOWS\SYSTEM32\XSDUDUDY.EXE
C:\WINDOWS\SYSTEM32\XWGPARAE.EXE
C:\WINDOWS\SYSTEM32\YELIECOD.EXE
C:\WINDOWS\SYSTEM32\YFFQHSJX.EXE
C:\WINDOWS\SYSTEM32\YMUAHQMP.EXE
C:\WINDOWS\SYSTEM32\YNSPWYFM.EXE
C:\WINDOWS\SYSTEM32\YOMKWJJW.EXE
C:\WINDOWS\SYSTEM32\YYATNRDJ.EXE
C:\WINDOWS\SYSTEM32\YYSWKMGD.EXE
C:\WINDOWS\Prefetch\AJAFTLUV.EXE-39431F8B.pf
C:\WINDOWS\Prefetch\ETSSXFBN.EXE-071A88E3.pf
C:\WINDOWS\Prefetch\GFCKFDOW.EXE-06012182.pf
C:\WINDOWS\Prefetch\LJTKXFHM.EXE-31395D0D.pf
C:\WINDOWS\Prefetch\NJTXVEUP.EXE-1132D9AA.pf
C:\WINDOWS\Prefetch\OCYFSWVY.EXE-22DC16B0.pf
C:\WINDOWS\Prefetch\QHGSQNIN.EXE-1CF79283.pf
C:\WINDOWS\Prefetch\QQVPBXDM.EXE-1DC801A1.pf
C:\WINDOWS\Prefetch\SVBTDNUN.EXE-3542BFA0.pf
 
Adware.Vundo-Variant/Small-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0122758.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124780.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124782.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP156\A0124783.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127562.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0127702.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0128940.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0129103.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131127.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131254.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131255.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131336.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131337.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131338.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0131424.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0132575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0133575.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134593.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0134594.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0137627.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137735.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138665.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138784.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138786.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138802.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138811.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138823.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138836.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138840.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138843.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138849.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138858.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138901.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138903.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138909.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138918.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138930.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138937.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138942.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138943.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138945.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138949.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138951.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138965.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138966.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138973.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138983.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138992.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138996.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138998.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139000.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139012.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139021.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139022.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139038.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139040.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139044.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139047.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139057.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139058.DLL
C:\WINDOWS\SYSTEM32\IHWKLJJU.DLL
C:\WINDOWS\SYSTEM32\NOAJEGRO.DLL

Trojan.Download-Gen/DSPRPRE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135716.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135725.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135734.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135749.DLL

Trojan.Downloader-Gen/AllowCookie
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135720.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135741.EXE

Trojan.Downloader-Gen/TStamp
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135849.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135895.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135926.EXE

Adware.Vundo/Traff-2
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135887.EXE

Trojan.Unclassified/Dropper-B
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137696.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138774.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138799.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138810.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138825.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138867.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138931.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139001.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139020.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139042.DLL

Adware.Vundo-Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138626.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138666.DLL

Adware.Vundo-Variant/B
C:\WINDOWS\SYSTEM32\ASFERRO.28

Trojan.WinFixer
C:\WINDOWS\SYSTEM32\DDCCB.DLL
 
HI

Combofix, Ccleaner & SUPERAntiSpyware have removed a LOT of malware, so I would like to see some new logs please, to see just what is left to remove ...

First ... run a new Combofix scan, same as before & post the new log ...

Second ... please run hijackthis and post the new log ...

Third ... please run a new KASPERSKY ONLINE SCAN & post the log (it will be a lot shorter now)

steam
 
Hi Steam, here's my Combofix log:

ComboFix 08-03-14.4 - in hong chong 2008-03-18 21:10:23.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.239 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000111_.tmp.dll

.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-14 18:41 . 2008-03-14 22:04 1,366,923 ---hs---- C:\WINDOWS\SYSTEM32\nradiffq.ini
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-13 18:33 . 2008-03-13 18:38 1,346,717 ---hs---- C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 19:12 . 2008-03-13 18:33 1,346,570 ---hs---- C:\WINDOWS\SYSTEM32\dnrfhvki.ini
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-08 21:48 . 2008-03-08 21:48 1,307,561 ---hs---- C:\WINDOWS\SYSTEM32\espobsqd.ini
2008-03-08 20:46 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
2008-03-07 21:47 . 2008-03-08 20:48 1,307,648 ---hs---- C:\WINDOWS\SYSTEM32\eqnvihkd.ini
2008-03-06 21:44 . 2008-03-07 18:10 1,306,737 ---hs---- C:\WINDOWS\SYSTEM32\oawvheed.ini
2008-03-05 21:46 . 2008-03-06 17:39 1,307,452 ---hs---- C:\WINDOWS\SYSTEM32\xoifusud.ini
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-03 19:55 . 2008-03-03 19:55 1,302,442 ---hs---- C:\WINDOWS\SYSTEM32\gnopfhwh.ini
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod
2008-02-20 12:09 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
2008-02-19 15:34 . 2008-03-09 20:12 3,289 --a------ C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:57 --------- d-----w C:\Program Files\QuickTime
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-14 21:45 --------- d-----w C:\Program Files\iTunes
2008-03-14 21:45 --------- d-----w C:\Program Files\DellSupport
2008-03-14 21:44 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-14 21:27 94,208 ----a-w C:\WINDOWS\SYSTEM32\igfxtray .exe
2008-03-14 21:27 77,824 ----a-w C:\WINDOWS\SYSTEM32\hkcmd .exe
2008-03-14 21:27 114,688 ----a-w C:\WINDOWS\SYSTEM32\igfxpers .exe
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
2008-03-10 01:12 3,289 ----a-w C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
2008-03-10 01:10 3,289 ----a-w C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-10 00:04 15,360 ----a-w C:\WINDOWS\SYSTEM32\ctfmon .exe
2008-03-06 00:55 98,048 ----a-w C:\WINDOWS\SYSTEM32\asferro.dll
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
2007-06-09 16:10 1,816,394 --sha-w C:\WINDOWS\Cursors\cdoavg.tmp
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.
Code: 
<pre>
----a-w            39,792 2008-03-14 21:27:41  C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
----a-w         1,388,544 2008-03-14 21:27:20  C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
----a-w           159,832 2008-03-14 21:27:21  C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
----a-w           290,816 2008-03-14 21:27:15  C:\Program Files\Dell\Media Experience\PCMService .exe
----a-w           202,544 2008-03-14 21:28:01  C:\Program Files\Dell Support Center\bin\sprtcmd .exe
----a-w            16,384 2008-03-14 21:27:37  C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
----a-w           460,784 2008-03-14 21:27:56  C:\Program Files\DellSupport\DSAgnt .exe
----a-w            49,152 2008-03-14 21:27:36  C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w           267,048 2008-03-14 21:27:44  C:\Program Files\iTunes\iTunesHelper .exe
----a-w            32,881 2008-03-14 21:27:07  C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
----a-w           303,104 2008-03-14 21:27:16  C:\Program Files\McAfee.com\Agent\mcagent .exe
----a-w           212,992 2008-03-14 21:26:42  C:\Program Files\McAfee.com\Agent\mcupdate  .exe
----a-w           212,992 2008-03-02 04:10:36  C:\Program Files\McAfee.com\Agent\mcupdate .exe
----a-w           212,992 2008-03-01 23:19:01  C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w         1,327,104 2008-03-14 21:27:23  C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
----a-w           139,264 2008-03-14 21:27:14  C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
----a-w           180,224 2008-03-14 21:27:18  C:\Program Files\McAfee.com\VSO\mcvsshld .exe
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask             .exe
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask            .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask           .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask          .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask         .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask        .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask       .exe
----a-w           385,024 2008-03-10 00:56:47  C:\Program Files\QuickTime\qttask   .exe
----a-w            26,112 2008-02-17 22:03:32  C:\Program Files\Real\RealPlayer\RealPlay .exe
----a-w            53,248 2008-03-14 21:27:33  C:\Program Files\SmileyDistrict\plugin .exe
----a-w            15,360 2008-03-10 00:04:21  C:\WINDOWS\SYSTEM32\ctfmon .exe
----a-w            77,824 2008-03-14 21:27:31  C:\WINDOWS\SYSTEM32\hkcmd .exe
----a-w           114,688 2008-03-14 21:27:33  C:\WINDOWS\SYSTEM32\igfxpers .exe
----a-w            94,208 2008-03-14 21:27:24  C:\WINDOWS\SYSTEM32\igfxtray .exe
</pre>


-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"fresxstyle"="lockbar.exe" []
"MSI Configuration"="msiconf.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"fresxstyle"="lockbar.exe" []
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"0cf5bf5f"="C:\WINDOWS\system32\qffidarn.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"="lockbar.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
awtstuu.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]
vtsqo.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

*Newly Created Service* - SASDIFSV
.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-18 21:14:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-18 21:15:38
ComboFix-quarantined-files.txt 2008-03-19 02:15:04
ComboFix2.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---
 
Here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:20:55 PM, on 3/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [fresxstyle] lockbar.exe
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [0cf5bf5f] rundll32.exe "C:\WINDOWS\system32\qffidarn.dll",b
O4 - HKLM\..\RunServices: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [fresxstyle] lockbar.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtstuu - awtstuu.dll (file missing)
O20 - Winlogon Notify: vtsqo - vtsqo.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8828 bytes
 
And here is my Kaspersky log:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, March 18, 2008 10:44:22 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 19/03/2008
Kaspersky Anti-Virus database records: 639642
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 69868
Number of viruses found: 37
Number of infected objects: 583
Number of suspicious objects: 1
Duration of the scan process: 01:15:00

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee.com\Agent\Logs\TaskScheduler\McTskshd001.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log Object is locked skipped
C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\AppLogs\SUPERANTISPYWARE-3-18-2008( 20-55-35 ).LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\in hong chong\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\History\History.IE5\MSHist012008031820080319\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\in hong chong\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat Object is locked skipped
C:\Documents and Settings\in hong chong\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\QooBox\Quarantine\C\Program Files\PopsMedia Site Adviser\vm5_killer.exe.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvqhdjp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\awtstrr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ayrcckff.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcpmxoqj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfeucled.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bfrskukv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\biirnppd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bmqhiimk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bxpqckyd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cniwoxwg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\coptscfq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crkuftym.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ctmqcagx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\daaorewl.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ddcbbab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dfblhsai.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dgheswnk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dhrqaihw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djnykprh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlkbqktx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnfhhqnf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dnjayhyq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\lpjcqiax.dat.vir Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dwtkkagy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebejlork.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebhknmid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eewcqufr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eidsocxs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ekhtbdla.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\epgdhegv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\eqbrcbfu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\esivfaub.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ewdhmxns.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixf skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fauhumhe.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fcvflxfj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fneqxbhs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fnmlajpb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jxa skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fqkwfcjt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fvmwutyh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fykatsvb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gdanhidc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gebbbyx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmotpvbj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gspccmeu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gxbeniiq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\havndcbb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hdmjtxmp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hkbvlflj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hnokesms.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hqmxnwoh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\hvqiaamn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ideqpfqv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iifcbcy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iwtjlqyl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\iybfqbur.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jkyuxhvv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jldsntwo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jyfnjgds.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kcfeanty.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kemqkked.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpviwyrb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\krnucbbm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lcbidetx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lgkrnbqt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpgngthf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lptqwbku.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lpvyswxu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lxpqdpgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdstnfiv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mljjhgg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mlrdamcn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrorqvca.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mrscswqk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mtfbjukg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mwiqvvej.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nkfwcnvs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nktwhnje.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nmyffpid.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nnnnmno.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\npjjnhoo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nracbdsg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntgxabbu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nujpiphq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvlrdajn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oamvyfif.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obcjluer.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\obmkvhrh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ocdclxag.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odjaqagk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\odqidynf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oeeskshl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\onvhkukq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnlkig.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnllij.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\opnopml.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqehngjb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oyuoumuy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pcwfhqma.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pmurvftk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\pvkhuwxo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qmresxwf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qpitrvus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qxgdajup.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rqronnl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvfeehky.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvhajdab.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvrmoeha.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rvxjuuta.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rwpokqto.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rxahjbxf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ryrrkcgr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\soarkccb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\spguythh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srcjhqvo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\stgncecb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sulnevrl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\syyambqf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
 
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tinnvdjm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tmojmdqt.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttiiueya.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuvstuv.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tuyymltd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\txcxecri.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ucudegfx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ufxilfgq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukmkpign.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umeraebp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umjprvyr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\umrbowoi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\vyaykexw.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wkornwme.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wnxsfmye.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wwkurfjs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xdyjarsm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xjmvtblc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xosixbol.dll.vir Infected: not-a-virus:AdWare.Win32.SuperJuan.bce skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xpxbotin.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yayawxw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ypjkxyvg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yqkugabf.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ytyakqts.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yxehochp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ixe skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/lpjcqiax.dat Infected: Rootkit.Win32.Agent.aap skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/lpjcqiax.dat.1 Infected: Rootkit.Win32.Agent.aap skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip/jkhhf.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\QooBox\Quarantine\catchme2008-03-16_170453.67.zip ZIP: infected - 3 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113908.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113919.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP134\A0113920.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP153\A0123758.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135688.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135695.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135721.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135722.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135737.dll Infected: Trojan-Dropper.Win32.Agent.bxm skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135738.dll Infected: Trojan-Dropper.Win32.Agent.bxm skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135747.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135751.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135754.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135767.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135769.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135775.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135778.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135779.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135787.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135796.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135810.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135818.exe Infected: Backdoor.Win32.Pakes skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135826.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135829.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135846.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135847.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135852.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135855.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135861.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135872.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135879.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135881.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135894.exe Infected: Trojan-Downloader.Win32.Agent.bxr skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135900.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135905.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135908.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135913.exe Infected: Trojan-Clicker.Win32.Small.mw skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135917.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135924.dll Infected: Trojan-Downloader.Win32.ConHook.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0135947.bat Infected: Trojan.BAT.KillProc.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136626.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136627.dll Infected: Trojan-Clicker.Win32.Small.mw skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136651.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP159\A0136691.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136990.exe Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136993.dll Infected: not-a-virus:FraudTool.Win32.BraveSentry.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136994.dll Infected: not-a-virus:AdWare.Win32.SearchAssistant.k skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP161\A0136995.dll Infected: not-a-virus:AdWare.Win32.SearchAssistant.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0137717.dll Infected: Trojan.Win32.BHO.hj skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP162\A0138627.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138756.exe Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138762.sys Infected: Trojan.Win32.BHO.gy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138777.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138780.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138782.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138783.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138788.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138793.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138797.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138801.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138806.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138808.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138809.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138812.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138813.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138814.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138816.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138826.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138827.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138828.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138830.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138835.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138837.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138841.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138848.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138852.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138853.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138856.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138859.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138860.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
 
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138861.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138866.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138870.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138873.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138875.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138876.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138879.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138880.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138882.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138885.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138886.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138892.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138894.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138904.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138908.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138912.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138914.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138916.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138917.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138921.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138924.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138925.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138926.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138932.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138934.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138936.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138938.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138939.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138940.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138944.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138946.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138947.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138948.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138952.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138953.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138956.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138958.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138959.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138960.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138961.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138976.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138979.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138980.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138989.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138990.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138991.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138993.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138994.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138995.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0138999.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139002.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139004.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139007.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139009.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139013.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139014.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139016.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139019.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139023.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139024.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139034.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139043.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139048.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139051.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dhv skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139053.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP163\A0139055.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139685.dll Infected: not-a-virus:AdWare.Win32.MyWay.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139686.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139687.sys Infected: Rootkit.Win32.Agent.l skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139688.exe Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139689.exe Infected: Virus.Win32.Trats.d skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139690.dll Infected: not-a-virus:AdWare.Win32.BHO.gp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139691.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139696.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139697.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139698.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139699.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139700.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139701.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139702.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139703.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139704.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139705.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139706.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139707.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139708.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139709.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139710.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139711.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139712.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139713.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139714.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139715.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139716.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139717.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139718.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139719.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139720.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139721.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139722.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139723.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139724.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139725.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139726.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139727.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139728.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139729.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139730.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139731.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139732.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139733.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139734.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139735.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139736.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139737.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139738.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139739.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139740.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139741.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139742.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139743.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139744.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139745.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139746.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139747.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
 
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139748.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139749.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139750.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139751.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139752.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139753.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139754.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139755.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139756.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139757.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139758.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139759.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139760.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139761.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139762.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139763.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139764.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139765.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139766.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139767.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139768.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139769.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139770.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139771.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139772.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139773.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139774.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139775.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139776.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139777.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139778.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139779.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139780.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139781.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139782.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139783.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139784.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139785.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139786.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139787.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139788.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139789.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139790.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139791.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139792.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139793.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139794.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139795.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139796.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139797.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139798.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139799.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139800.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139801.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139802.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139803.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139804.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139805.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139806.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139807.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139808.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139809.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139810.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139811.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139812.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139813.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139814.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139815.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139816.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139817.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139818.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139819.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139820.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139821.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139822.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139823.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139824.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139825.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139826.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139827.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139828.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139829.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139830.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139831.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139832.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139833.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139834.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139835.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139836.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139837.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139838.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139839.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139840.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139841.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139842.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139843.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139844.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139845.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139846.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139847.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139848.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139849.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139850.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139851.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139852.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139853.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139854.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139855.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139856.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139857.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139858.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139859.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139860.exe Infected: Trojan.Win32.Obfuscated.kp skipped
 
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139861.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139862.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139863.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139864.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139865.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139866.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139867.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139868.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139869.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139870.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139871.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139872.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139873.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139874.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139875.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139876.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139877.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139878.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139879.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139880.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139881.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139882.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139883.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139884.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139885.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139886.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139887.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139888.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139889.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139890.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139891.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139892.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139893.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139894.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139895.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139896.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139897.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139898.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139899.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139900.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139901.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139902.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139903.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139904.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139905.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139906.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139907.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139908.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139909.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139910.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139911.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139912.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139913.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139914.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139915.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139916.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139917.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139918.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139919.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139920.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139921.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139922.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139923.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139924.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139925.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139926.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139927.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139928.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139929.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139930.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139931.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139932.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139933.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139934.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139935.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139936.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139937.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139938.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139939.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139940.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139941.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139942.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139943.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139944.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139945.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139946.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139947.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139948.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139949.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139950.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139951.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139952.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139953.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139954.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139955.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139956.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139957.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139958.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139959.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139960.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139961.exe Infected: Trojan.Win32.Obfuscated.kp skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139962.exe Infected: Trojan-Downloader.Win32.Agent.gwe skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139963.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139964.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.gen skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP164\A0139965.dll Infected: Trojan-Downloader.Win32.Small.bpk skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP165\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\asferro.25 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\asferro.26 Infected: Trojan.Win32.Pakes.cdw skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat Infected: Trojan.Win32.Agent.cid skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\ooeeoibc.exe Infected: Trojan.Win32.BHO.bd skipped
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir Infected: Virus.Win32.Trats.d skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
 
Hi

Nearly there...

It may still look like a lot of infected files, but most are now in quarantine ...

Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the code box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code: 
File::
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\asferro.dll
C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir

RenV::
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP .exe
C:\Program Files\Common Files\AOL\1135963495\ee\AOLHostManager .exe
C:\Program Files\Dell\Media Experience\PCMService .exe
C:\Program Files\Dell Support Center\bin\sprtcmd .exe
C:\Program Files\Dell Support Center\gs_agent\custom\dsca .exe
C:\Program Files\DellSupport\DSAgnt .exe
C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched .exe
C:\Program Files\McAfee.com\Agent\mcagent .exe
C:\Program Files\McAfee.com\Agent\mcupdate .exe
C:\Program Files\McAfee.com\Personal Firewall\MpfTray .exe
C:\Program Files\McAfee.com\VSO\mcmnhdlr .exe
C:\Program Files\McAfee.com\VSO\mcvsshld .exe
C:\Program Files\QuickTime\qttask             .exe
C:\Program Files\Real\RealPlayer\RealPlay .exe
C:\Program Files\SmileyDistrict\plugin .exe
C:\WINDOWS\SYSTEM32\ctfmon .exe
C:\WINDOWS\SYSTEM32\hkcmd .exe
C:\WINDOWS\SYSTEM32\igfxpers .exe
C:\WINDOWS\SYSTEM32\igfxtray .exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtstuu]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vtsqo]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fresxstyle"=-
"MSI Configuration"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fresxstyle"=-
"0cf5bf5f"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"fresxstyle"=-

Save this as "CFScript.txt"

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
CFScript.gif


This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

steam
 
Hi steam.
Here is my Combofix log:

ComboFix 08-03-14.4 - in hong chong 2008-03-19 18:42:01.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.248 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\in hong chong\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\asferro.dll
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\SYSTEM32\asferro.25
C:\WINDOWS\SYSTEM32\asferro.26
C:\WINDOWS\SYSTEM32\dnrfhvki.ini
C:\WINDOWS\SYSTEM32\DRIVERS\cijexctk.dat
C:\WINDOWS\SYSTEM32\eqnvihkd.ini
C:\WINDOWS\SYSTEM32\espobsqd.ini
C:\WINDOWS\SYSTEM32\gnopfhwh.ini
C:\WINDOWS\SYSTEM32\jkhhf_exe.vir
C:\WINDOWS\SYSTEM32\nradiffq.ini
C:\WINDOWS\SYSTEM32\oawvheed.ini
C:\WINDOWS\SYSTEM32\ooeeoibc.exe
C:\WINDOWS\SYSTEM32\RCX48_tmp.vir
C:\WINDOWS\SYSTEM32\RCX4B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX55_tmp.vir
C:\WINDOWS\SYSTEM32\RCX61_tmp.vir
C:\WINDOWS\SYSTEM32\RCX6B_tmp.vir
C:\WINDOWS\SYSTEM32\RCX7E_tmp.vir
C:\WINDOWS\SYSTEM32\RCX84_tmp.vir
C:\WINDOWS\SYSTEM32\xkmfkxmi.ini
C:\WINDOWS\SYSTEM32\xoifusud.ini
C:\WINDOWS\SYSTEM32\asferro.dll . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-02-19 to 2008-03-19 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-19 23:41 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-19 23:41 --------- d-----w C:\Program Files\QuickTime
2008-03-19 23:41 --------- d-----w C:\Program Files\iTunes
2008-03-19 23:41 --------- d-----w C:\Program Files\DellSupport
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.
Code: 
<pre>
----a-w           212,992 2008-03-14 21:26:42  C:\Program Files\McAfee.com\Agent\mcupdate  .exe
----a-w           212,992 2008-03-01 23:19:01  C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask            .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask           .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask          .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask         .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask        .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask       .exe
----a-w           385,024 2008-03-10 00:56:47  C:\Program Files\QuickTime\qttask   .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2008-03-01 23:10 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [2008-03-14 16:27 303104]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-19 18:48:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe
.
**************************************************************************
.
Completion time: 2008-03-19 18:55:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-19 23:55:07
ComboFix2.txt 2008-03-19 02:15:39
ComboFix3.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---


And here is my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:59:55 PM, on 3/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\mcafee.com\agent\McAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8675 bytes
 
Hi

WE have a stubborn one ...

Please try this :-

Open notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the code box nothing out side of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code: 
Killall::

File::
C:\WINDOWS\system32\asferro.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
Save this as "CFScript.txt"

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
CFScript.gif


This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

THEN ...

1. Download SDFix and save it to your Desktop.

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

2. Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

3. Reboot into Safe Mode`:-

Reboot into >>>safe mode

4. Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.

It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.

When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.

Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).

Finally paste the contents of the Report.txt back on the forum.

steam
 
Hi steam.
Here is my Combofix log:
ComboFix 08-03-14.4 - in hong chong 2008-03-20 16:35:06.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.299 [GMT -5:00]
Running from: C:\Documents and Settings\in hong chong\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\in hong chong\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\system32\asferro.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\asferro.dll . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2008-02-20 to 2008-03-20 )))))))))))))))))))))))))))))))
.

2008-03-17 19:52 . 2008-03-17 21:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\in hong chong\Application Data\SUPERAntiSpyware.com
2008-03-17 19:52 . 2008-03-17 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-17 19:51 . 2008-03-17 19:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-17 19:09 . 2008-03-17 19:09 <DIR> d-------- C:\Program Files\CCleaner
2008-03-14 22:07 . 2008-03-14 22:07 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-03-14 19:36 . 2008-03-14 19:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-14 18:51 . 2008-03-14 19:18 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-14 18:51 . 2008-03-14 19:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-13 21:19 . 2008-03-14 00:16 <DIR> d-------- C:\Program Files\Security Task Manager
2008-03-13 21:19 . 2008-03-14 17:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-03-09 20:47 . 2008-03-09 20:47 80,959,471 --a------ C:\WINDOWS\pav.sig
2008-03-09 20:38 . 2005-10-20 10:34 69,632 --a------ C:\WINDOWS\SYSTEM32\asprouni.exe
2008-03-09 20:37 . 2008-03-09 20:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\ASPRO
2008-03-09 20:37 . 2008-03-09 21:15 30,590 --a------ C:\WINDOWS\SYSTEM32\pavaspro.ico
2008-03-09 20:37 . 2008-03-09 21:15 3,377 --a------ C:\WINDOWS\SYSTEM32\.ico
2008-03-09 20:37 . 2008-03-09 21:15 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstallpro.ico
2008-03-09 20:37 . 2008-03-09 21:15 1,406 --a------ C:\WINDOWS\SYSTEM32\Helppro.ico
2008-03-09 19:42 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-03-09 19:41 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\hyemhslckupp.sys
2008-03-09 19:28 . 2008-03-09 20:07 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-03-09 19:28 . 2008-03-09 19:28 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-03-09 19:28 . 2008-03-09 19:28 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-03-09 19:28 . 2008-03-09 19:28 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-03-09 18:54 . 2008-03-09 18:54 4,172 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-03-09 18:25 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-03-09 18:25 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-03-09 18:25 . 2008-03-09 01:15 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-03-09 18:25 . 2008-03-05 22:29 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-03-09 18:25 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-03-09 18:25 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-03-09 18:25 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-03-05 19:42 . 2008-03-05 19:42 <DIR> d-------- C:\Documents and Settings\eun soon chong\Application Data\HPAppData
2008-03-02 17:31 . 2008-03-14 16:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-02 17:31 . 2008-03-02 17:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-28 21:41 . 2008-02-28 21:41 <DIR> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-19 23:41 --------- d-----w C:\Program Files\SmileyDistrict
2008-03-19 23:41 --------- d-----w C:\Program Files\QuickTime
2008-03-19 23:41 --------- d-----w C:\Program Files\iTunes
2008-03-19 23:41 --------- d-----w C:\Program Files\DellSupport
2008-03-18 01:04 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\HPAppData
2008-03-18 00:42 --------- d-----w C:\Program Files\Yahoo!
2008-03-16 21:47 4,736 ----a-w C:\WINDOWS\system32\drivers\cijexctk.sys
2008-03-13 23:49 --------- d-----w C:\Program Files\Jasc Software Inc
2008-03-10 00:42 --------- d-----w C:\Program Files\Bonjour
2008-03-01 01:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-02-18 17:29 --------- d-----w C:\Documents and Settings\in ji chong\Application Data\Apple Computer
2008-02-18 03:35 --------- d-----w C:\Documents and Settings\in hong chong\Application Data\Apple Computer
2008-02-18 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-18 01:52 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 01:48 --------- d-----w C:\Program Files\Common Files\Apple
2008-02-18 01:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-02-17 22:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 22:29 --------- d-----w C:\Program Files\Ulead Systems
2008-02-17 22:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-02-17 22:26 --------- d-----w C:\Program Files\CyberLink
2008-02-17 22:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-02-17 22:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 22:24 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-17 22:21 --------- d-----w C:\Program Files\WildTangent
2008-02-17 22:13 --------- d-----w C:\Program Files\Common Files\Real
2008-02-01 04:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-25 21:42 --------- d-----w C:\Program Files\Intel
2008-01-25 21:32 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-25 20:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-01-25 20:19 --------- d-----w C:\Program Files\Dell Support Center
2008-01-25 20:18 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-03-02 00:35 65,552 ----a-w C:\Documents and Settings\in ji chong\Application Data\GDIPFONTCACHEV1.DAT
2002-09-19 03:42 3,178,828 ------w C:\Program Files\E.msi
.
Code: 
<pre>
----a-w           212,992 2008-03-14 21:26:42  C:\Program Files\McAfee.com\Agent\mcupdate  .exe
----a-w           212,992 2008-03-01 23:19:01  C:\Program Files\McAfee.com\Agent\MCUPDA~2 .EXE
----a-w            98,304 2008-03-10 00:56:41  C:\Program Files\QuickTime\qttask            .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask           .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask          .exe
----a-w            98,304 2008-03-10 00:56:42  C:\Program Files\QuickTime\qttask         .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask        .exe
----a-w            98,304 2008-03-10 00:56:44  C:\Program Files\QuickTime\qttask       .exe
----a-w           385,024 2008-03-10 00:56:47  C:\Program Files\QuickTime\qttask   .exe
</pre>


((((((((((((((((((((((((((((( snapshot@2008-03-19_18.54.37.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-19 23:48:06 16,810 ----a-w C:\WINDOWS\SYSTEM32\tablet.dat
+ 2008-03-20 21:41:01 16,810 ----a-w C:\WINDOWS\SYSTEM32\tablet.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3}]
2008-03-05 19:55 98048 --a------ C:\WINDOWS\system32\asferro.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Aim6"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [ ]
"MRT"="C:\WINDOWS\system32\MRT.exe" [ ]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2008-03-01 23:10 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [2008-03-14 16:27 303104]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 20:01:04 83360]
TabUserW.exe.lnk - C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe [2005-11-06 11:12:29 106496]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\WINDOWS\\system32"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R0 nftkecaa;nftkecaa;C:\WINDOWS\system32\drivers\lpjcqiax.sys []
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
Contents of the 'Scheduled Tasks' folder
"2008-03-14 01:03:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 16:41:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2008-03-20 16:47:08 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-20 21:47:04
ComboFix2.txt 2008-03-19 23:55:12
ComboFix3.txt 2008-03-19 02:15:39
ComboFix4.txt 2008-03-16 22:11:57
.
2008-02-14 00:18:51 --- E O F ---

Here is my Hijackthislog:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:48:18 PM, on 3/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/vzc.portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {99DC9AB0-94F0-4ACA-B943-8FCCE5DEF0B3} - C:\WINDOWS\system32\asferro.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
 
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\WTablet\TabUserW.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029YYUS_ZCxdm244YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra 'Tools' menuitem: Smiley District - {0418F3E3-C763-4e02-9EC5-F0AE13B54B0F} - C:\Program Files\SmileyDistrict\insmile.dll (file missing)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8475 bytes

And SDFix:
SDFix: Version 1.159

Run by in hong chong on Thu 03/20/2008 at 05:13 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-20 17:20:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000034
"TracesSuccessful"=dword:00000002

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\WINDOWS\\system32"="C:\\WINDOWS\\system32:*:Enabled:lockx"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"="C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1135963495\\ee\\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 24 Aug 2004 155,648 A..H. --- "C:\DELL\PRIMOSDK.DLL"
Tue 24 Aug 2004 360,448 A..H. --- "C:\DELL\PX.DLL"
Wed 28 Jul 2004 56,832 A..H. --- "C:\DELL\PXCPYA64.EXE"
Wed 28 Jul 2004 108,544 A..H. --- "C:\DELL\PXCPYI64.EXE"
Wed 18 Aug 2004 389,120 A..H. --- "C:\DELL\PXDRV.DLL"
Mon 2 Aug 2004 20,576 A..H. --- "C:\DELL\PXHELP20.SYS"
Mon 2 Aug 2004 54,976 A..H. --- "C:\DELL\PXHELP64.SYS"
Mon 2 Aug 2004 32,272 A..H. --- "C:\DELL\PXHELPER.SYS"
Mon 2 Aug 2004 26,720 A..H. --- "C:\DELL\PXHLPA64.SYS"
Mon 2 Aug 2004 57,344 A..H. --- "C:\DELL\PXHPINST.EXE"
Mon 2 Aug 2004 53,760 A..H. --- "C:\DELL\PXINSA64.EXE"
Mon 2 Aug 2004 104,960 A..H. --- "C:\DELL\PXINSI64.EXE"
Tue 24 Aug 2004 159,744 A..H. --- "C:\DELL\PXMAS.DLL"
Wed 28 Jul 2004 57,344 A..H. --- "C:\DELL\PXSETUP.EXE"
Tue 24 Aug 2004 339,968 A..H. --- "C:\DELL\PXWAVE.DLL"
Thu 20 May 2004 28,672 A..H. --- "C:\DELL\VXBLOCK.DLL"
Tue 24 Aug 2004 155,648 A..H. --- "C:\DELL\MEDIAEXE\PRIMOSDK.DLL"
Tue 24 Aug 2004 360,448 A..H. --- "C:\DELL\MEDIAEXE\PX.DLL"
Wed 28 Jul 2004 56,832 A..H. --- "C:\DELL\MEDIAEXE\PXCPYA64.EXE"
Wed 28 Jul 2004 108,544 A..H. --- "C:\DELL\MEDIAEXE\PXCPYI64.EXE"
Wed 18 Aug 2004 389,120 A..H. --- "C:\DELL\MEDIAEXE\PXDRV.DLL"
Mon 2 Aug 2004 20,576 A..H. --- "C:\DELL\MEDIAEXE\PXHELP20.SYS"
Mon 2 Aug 2004 54,976 A..H. --- "C:\DELL\MEDIAEXE\PXHELP64.SYS"
Mon 2 Aug 2004 32,272 A..H. --- "C:\DELL\MEDIAEXE\PXHELPER.SYS"
Mon 2 Aug 2004 26,720 A..H. --- "C:\DELL\MEDIAEXE\PXHLPA64.SYS"
Mon 2 Aug 2004 57,344 A..H. --- "C:\DELL\MEDIAEXE\PXHPINST.EXE"
Mon 2 Aug 2004 53,760 A..H. --- "C:\DELL\MEDIAEXE\PXINSA64.EXE"
Mon 2 Aug 2004 104,960 A..H. --- "C:\DELL\MEDIAEXE\PXINSI64.EXE"
Tue 24 Aug 2004 159,744 A..H. --- "C:\DELL\MEDIAEXE\PXMAS.DLL"
Wed 28 Jul 2004 57,344 A..H. --- "C:\DELL\MEDIAEXE\PXSETUP.EXE"
Tue 24 Aug 2004 339,968 A..H. --- "C:\DELL\MEDIAEXE\PXWAVE.DLL"
Thu 20 May 2004 28,672 A..H. --- "C:\DELL\MEDIAEXE\VXBLOCK.DLL"
Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Sat 9 Jun 2007 1,816,394 A.SH. --- "C:\WINDOWS\Cursors\cdoavg.tmp"
Tue 4 Oct 2005 324,367 A.SH. --- "C:\WINDOWS\SYSTEM32\gjkmp.tmp"
Sun 29 Oct 2006 871,079 A.SH. --- "C:\WINDOWS\SYSTEM32\siirvs.tmp"
Fri 17 Aug 2007 296 ..SH. --- "C:\WINDOWS\SYSTEM32\vbsdgayo.tmp"
Tue 29 Nov 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Sun 2 Mar 2008 26,112 ...H. --- "C:\Documents and Settings\in hong chong\My Documents\~WRL0001.tmp"
Sat 4 Mar 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2(2)\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3(2)\lock.tmp"
Sun 23 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"
Sat 1 Sep 2007 8 A..H. --- "C:\Documents and Settings\in hong chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4(2)\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Mon 16 Apr 2007 8 A..H. --- "C:\Documents and Settings\in ji chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"
Sun 21 Oct 2007 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u1\lock.tmp"
Sun 21 Oct 2007 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u2\lock.tmp"
Sun 13 Jan 2008 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u3\lock.tmp"
Sun 13 Jan 2008 8 A..H. --- "C:\Documents and Settings\no won chong\Application Data\Gtek\GTUpdate\AUpdate\Channels\ch_u4\lock.tmp"

Finished!
 
Status
Not open for further replies.
Back
Top