various malware problems

hello there

heres my HJT log

Logfile of HijackThis v1.99.1
Scan saved at 5:11:20 PM, on 7/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


and the RegSearch one

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 7/31/2007 5:09:18 PM for strings:
; 'tnidriver'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000\Control]

; End Of The Log...
 
Hello :)

  • Download RegASSASSIN by malwarebytes.org from here
  • Unzip/extract it to a folder on your desktop
  • Double-click on RegASSASSIN.exe to start RegASSASSIN
  • Copy and paste the below into the white box

    • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER
  • Click Delete
  • Answer Yes to any prompts

Also, delete these legacy-keys:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER
___________________________

Re-run Regsearch and search for TnIDriver

Post:
- A fresh HijackThis log
- RegSearch.txt
 
hey, i had a problem.

i tried to delete all of them, and got an error on each one that said it could NOT delete the registry keys.

nonetheless, i still ran RegSearch:

Windows Registry Editor Version 5.00

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.5.0

; Results at 8/1/2007 1:37:34 PM for strings:
; 'tnidriver'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER\0000\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000]
"Service"="TnIDriver"
"DeviceDesc"="TnIDriver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER\0000\Control]

; End Of The Log...


and HJT

Logfile of HijackThis v1.99.1
Scan saved at 1:39:45 PM, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
Hi ilikefood

Markka is away for some days and asked me to take over this thread.

  • Download Registrar Lite from here and install it.
  • Start Registrar Lite.
  • Type in to Address field this and click ok: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER
  • Right-click that key and choose Properties. Click "Take ownership".
  • Right-click that key again and choose Delete.
  • Repeat process for these keys:
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER
  • Note: If you can't delete those keys, perform Take Ownership to their subkeys first and delete them.

Re-run Regsearch and search for TnIDriver

Post:
- A fresh HijackThis log
- RegSearch.txt
 
hey there Shaba, thanks for helping out.

i couldn't run RegSearch because every time i did, it would eventually reach a point where it would search the same thing over and over. anytime i attempted to click the window, it would freeze.

But i have my HJT log

Logfile of HijackThis v1.99.1
Scan saved at 4:53:23 AM, on 8/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\126b5745ddca77b9d635ed46c361c072\update\update.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
Hi

Then we use another tool:

Please download the Registry Search tool by clicking on the "hard drive" icon halfway down this page:
http://www.billsway.com/vbspage/
Save it to the desktop and run it. If you get an alert from your antivirus about scripting, choose to allow the script to run. Search for TnIDriver and click OK. Post the logfile from the tool here for me.

You have also no antivirus installed:

Looking over your log, it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:

1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.
2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.
3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

Post:

- regsearch results
- a fresh HijackThis log.
 
hey i downloaded an anti-virus program and here is my stuff

HJT log

Logfile of HijackThis v1.99.1
Scan saved at 5:17:20 AM, on 8/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\126b5745ddca77b9d635ed46c361c072\update\update.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\System32\WScript.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


and the RegSearch

REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "TnIDriver" 8/3/2007 5:08:48 AM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TNIDRIVER]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER]
 
Hi

Use Registrar Lite to delete these as above:

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TNIDRIVER

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TNIDRIVER

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_TNIDRIVER

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_TNIDRIVER

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TNIDRIVER

Do another registry search with registry search tool and post back results and a fresh HijackThis log.
 
hey

HJT log

Logfile of HijackThis v1.99.1
Scan saved at 6:05:53 AM, on 8/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\126b5745ddca77b9d635ed46c361c072\update\update.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


As for the registry scanner, it said TnIDriver wasn't found.
 
Hi

That's great :bigthumb:

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
  • Once the scanner is installed and the definitions downloaded, click Next.
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:

    o Scan using the following Anti-Virus database:

    + Extended (If available otherwise Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases
  • Click OK
  • Now under select a target to scan select My Computer
  • The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log
- kaspersky report
 
hi

my online scan

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, August 03, 2007 2:42:25 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 3/08/2007
Kaspersky Anti-Virus database records: 372590
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\

Scan Statistics:
Total number of scanned objects: 68863
Number of viruses found: 39
Number of infected objects: 895
Number of suspicious objects: 2
Duration of the scan process: 02:10:47

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\cert8.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\history.dat Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\key3.db Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\parent.lock Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2a1c7c9f-13f7cfc4.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2a1c7c9f-13f7cfc4.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2a1c7c9f-13f7cfc4.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2a1c7c9f-13f7cfc4.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3846e56d-1e2f0f9f.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3846e56d-1e2f0f9f.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3846e56d-1e2f0f9f.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3846e56d-1e2f0f9f.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-31a7d692-4b299fdf.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-31a7d692-4b299fdf.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-31a7d692-4b299fdf.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-31a7d692-4b299fdf.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip/Counter.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip/VerifierBug.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip/web.exe Infected: Trojan.Win32.Small.ev skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip/Worker.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip/Xeyond.class Infected: Trojan.Java.Femad skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-29defbe1-1a5e2ba5.zip ZIP: infected - 5 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-3e64ee5b-335a1fe0.zip/GetAccess.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-3e64ee5b-335a1fe0.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.aj skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-3e64ee5b-335a1fe0.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv605.jar-3149e4b4-523fbec1.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv605.jar-3149e4b4-523fbec1.zip/Counter.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv605.jar-3149e4b4-523fbec1.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv605.jar-3149e4b4-523fbec1.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\version.jar-73828a73-72552903.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\version.jar-73828a73-72552903.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\version.jar-73828a73-72552903.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\version.jar-73828a73-72552903.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Desktop\dss.exe Infected: IM-Worm.Win32.Sohanad.aw skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla\Firefox\Profiles\wi5ohu32.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\MBAHKJ2V\sp2-cydoor-728[1].swf Infected: not-virus:Hoax.SWF.Alerter.a skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\Brittany_Lynn_Miller.ppt Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\Music\saosin - saosin - plays pretty for baby.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\awesome.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\bathroom.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\blah!.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\BOOOOOOOOOOOOOO.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\brittany.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\cool.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\ddd.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\detention.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\eskimos_.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\f.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\ftg.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\gtghg.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iamapirate.jpg Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\ibidibida.bmp Object is locked skipped
 
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F03\T101.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F04\T102.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F05\T103.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F06\T104.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F07\T105.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F08\T106.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F09\T107.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F10\T108.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F11\T109.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F12\T110.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F13\T111.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F14\T112.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F15\T113.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F16\T114.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F17\T115.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F18\T116.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F19\T117.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F20\T118.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F21\T119.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F22\T120.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F23\T121.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F24\T122.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F25\T123.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F26\T124.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F27\T125.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F28\T126.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F29\T127.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F30\T128.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F31\T129.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F32\T130.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\F33\T131.ithmb Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\iPod Photo Cache\Photo Database Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\its true.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\okay.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\poop.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\shes awesome.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\si senorita.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\si.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\stoned.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\summer_2005_022.jpg Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\summer_2005_023.jpg Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\the cat.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\Thumbs.db Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\untitled.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\untitled636.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\untitledyayayayay.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\untitledYTOI.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\what.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\xbc.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\yeah.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\yes.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\photos\yupyup.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\555.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\cactushead.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\fdjfdj.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\for brittany.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\house.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\poop!.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\ROBOT.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\untitled.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\untitled0.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\untitled473.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\US.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\pictures of stuff\yeah.bmp Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\Thumbs.db Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\00 - independence day.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\03-the_f_ups-look_at_your_son_now-rtb.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\115-1208-fall_apart-fnt.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\atreyu - suicide notes and butterfly kisses - lip gloss and black.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\atreyu - the curse 29 06 04 - right side of the bed.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\autopilot off - make a sound - make a sound.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\autopilot off - promo only modern rock februar - what i want.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\burning brides - promo only modern rock june - heart full of black.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\chronic future - time and time again.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\eighteen visions - obsession - i let go.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\moments in grace - on tour w smile empty soul - broken promises(2).mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\rise against - paper wings.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\rise against - punk goes acoustic - swing life away.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\sum 41 - metallica mtv icon - metallica medly.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\sum 41 blink 182 green day greenday - good charlotte mest simple plan mxpx goldfinger.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\the explosion - burnout 3 takedown - here i am.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\the f-ups - lazy generation.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\v a - killer queen (a tribute to queen) - 12 - sum 41 - killer queen.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\Jerry's Stuff\touch me\yellowcard - ocean avenue - breathing.mp3 Object is locked skipped
C:\Documents and Settings\Owner\My Documents\saosin - saosin - plays pretty for baby.mp3 Object is locked skipped
C:\Documents and Settings\Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp10.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp102.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp107.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp10C.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp114.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp118.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp11E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp12.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp14A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp156.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp15A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp15E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp16.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp162.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp166.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp16A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp16E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp172.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp176.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp17A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp17B.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp17E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp182.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp186.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp18A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp18E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp192.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp196.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp19A.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp19E.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1A2.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1A6.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1AA.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1AE.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1B.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1B2.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1BA.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp1DD.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp2.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped
 
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp20B.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp20E.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp223.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp22F.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp230.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp242.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp243.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp24B.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp24C.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp28.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp2A.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp2B.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp32.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp55A.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp55C.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp562.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp568.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp5C.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp5E.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp5F.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp66.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp77.tmp.exe.vir Infected: Trojan.Win32.BHO.bi skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp78.tmp.exe.vir Infected: Trojan.Win32.BHO.bi skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp7E.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp86.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmp9B.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpA0.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpAE.tmp.exe.vir Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpAF.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpB5.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpB8.tmp.exe.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpBF.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpCA.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpCD.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpD0.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\DOCUME~1\Owner\APPLIC~1\tmpF1.tmp.exe.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\awtsqq.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\awtuut.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\awuvtq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\awwtss.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\awwwtt.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\awwwwt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\byvtus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\bywuvt.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\byyvvs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\QooBox\Quarantine\C\WINDOWS\byyyxw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\cbbbcy.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\cbxvus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\cbxxwt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\cbxyxx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\cbywvs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\cbyxwx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\cbyyay.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ddabaa.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddabby.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ddabcb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\ddawtu.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ddawww.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddaxya.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddaywu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddbawt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddbcyy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ddbxwv.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\dddaaw.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\dddayw.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\dddcay.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\dddefe.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\efcdaa.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\efcywt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\efcywu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\efdcba.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\effdeb.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fcbbyx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fccaby.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fcccbb.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fccddb.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fcyaya.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\fcyyxu.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\fcyyyw.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\geddcb.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\gedded.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\geecbb.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\geeeef.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\hgdaxy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\hgdbbc.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\hgdbbx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\hgdbby.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\hgfcab.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\hgfdbb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\hgfdca.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\hgfggh.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\hgghec.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\hgghif.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\iifedd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\iihfgf.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\iihhgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\iiighh.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\iiihhg.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\iiiigd.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\itpb_11.exe.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\QooBox\Quarantine\C\WINDOWS\itpb_3.exe.vir/data0002 Infected: not-a-virus:AdWare.Win32.Relevant.a skipped
C:\QooBox\Quarantine\C\WINDOWS\itpb_3.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\jkhebx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\jkhecb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkhfdc.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkhfef.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkjjgd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkkhfd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkkiff.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\jkkige.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\jkkjhh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\kheefg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\khefca.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\khgecb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\khggef.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\khiiii.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ljgefd.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ljggfc.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ljgghf.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ljifef.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ljifge.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ljihig.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ljijij.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ljkhed.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlifcd.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlihec.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\mlihgg.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mliigh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\mlijii.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlijij.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlklig.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlmkli.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\mlmljj.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlmlkl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\mlmmki.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\mlmnll.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\nnkhfg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\nnkhgf.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\nnmjge.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\nnmkhg.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\nnolkk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\nnomml.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\opmjhh.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\opmjjj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\opmkji.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\opqolj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\opqrpo.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\pmkhgh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\pmkihg.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\pmkkli.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\pmlmkh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\pmnnon.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qomjhe.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qomkkj.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qomkkl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qomklm.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qomnoo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qonljg.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qonmnl.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qonomm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qopmlm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\QooBox\Quarantine\C\WINDOWS\qopnkj.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qopnop.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\qopppo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qopqqq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\qopqrp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\rqoopo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\rqpomj.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\rqpqqq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\rqrolk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ssqrsp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ssroli.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ssronl.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ssropm.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ssrrol.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\sstqop.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ssttrs.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\ssturq.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ipv6mons.dll.vir Suspicious: Packed.Win32.Morphine.a skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ojdsregp.exe.vir Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\perfc000.dat.vir Infected: Backdoor.Win32.Small.os skipped
 
C:\QooBox\Quarantine\C\WINDOWS\system32\rlls.dll.vir Infected: not-a-virus:AdWare.Win32.RK.m skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp11C.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp12.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp151.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp16.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp1B.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp20.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp25.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp35.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp559.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp561.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp6E.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp73.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp82.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp87.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp88.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmp9.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmpAD.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmpB3.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmpC2.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmpE.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\tmpFD.tmp.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\tutrop.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\QooBox\Quarantine\C\WINDOWS\tutusq.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\tuvvvv.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\urpmkh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\urpnlm.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\urrono.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\urrppq.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\urrrqq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\urrrsq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\urrspp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\urrsss.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\urspqn.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\ursron.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\ursrro.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\vcttc012.exe.vir/data0004 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\QooBox\Quarantine\C\WINDOWS\vcttc012.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\vtrpnk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\vtrrol.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\vtrrop.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\vtrsts.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\vturoo.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\vtursp.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\vtuspm.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\vtussp.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\vtuuut.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\wvtrqq.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\wvtsqn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\wvvsqq.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\wvvtqr.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\wvvtut.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\wvvuvw.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\wvwvus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\wvwwwx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\xxvtqo.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\xxvvvt.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\xxxwwx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\xxyvtr.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\xxywwx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\yaaayw.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\yabxxu.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\QooBox\Quarantine\C\WINDOWS\yabxxx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\yaxwtu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\QooBox\Quarantine\C\WINDOWS\yaxwus.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\QooBox\Quarantine\C\WINDOWS\yaxwxu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\QooBox\Quarantine\C\WINDOWS\yaxyyx.dll.vir Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP500\A0084364.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.ba skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP511\A0086581.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP511\A0086582.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP512\A0086599.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP512\A0086600.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP513\A0086606.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0086626.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0086627.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0086630.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0087639.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0087640.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP514\A0087641.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087660.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087661.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087665.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087667.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087668.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087670.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP515\A0087671.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087679.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087680.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087682.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087683.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087685.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP516\A0087686.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP518\A0089655.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP518\A0089657.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP518\A0089658.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP518\A0089660.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0089671.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0089672.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0089676.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0089678.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
 
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0089679.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0091639.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0091640.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0091653.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0091654.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP519\A0091655.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092639.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092640.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092641.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092650.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092653.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0092654.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093649.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093650.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093654.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093655.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093657.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093659.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093660.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093661.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093662.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093663.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093669.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093670.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093672.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093673.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093675.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093676.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093678.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093679.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093680.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093681.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093682.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093684.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP524\A0093685.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093692.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093693.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093694.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093695.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093697.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093700.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093701.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093702.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093704.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093706.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093708.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093710.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093711.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093712.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093713.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093714.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0093715.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP525\A0094722.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP526\A0094736.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP526\A0094737.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP526\A0094738.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095768.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095781.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095782.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095783.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095784.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095786.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095795.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095796.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095800.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095801.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095803.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095804.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095807.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095813.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095814.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095815.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP528\A0095816.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP529\A0096806.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP529\A0096825.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP529\A0096827.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP530\A0096833.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP530\A0096834.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP530\A0096841.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP530\A0096842.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096856.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096858.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096859.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096860.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096861.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096863.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096870.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096872.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096874.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP531\A0096877.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP532\A0096892.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP532\A0096893.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP532\A0096898.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0096915.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0096916.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0096921.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0096923.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098820.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098836.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098838.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098839.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098845.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP533\A0098847.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP535\A0098869.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP535\A0098870.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP535\A0098929.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP535\A0098930.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0098964.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0098966.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099929.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099939.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099941.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099942.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099944.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099945.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099947.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099949.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099951.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099952.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099957.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099961.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099964.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP536\A0099966.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099970.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099973.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099990.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099993.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099996.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0099999.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100002.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100005.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100008.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100011.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100014.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100017.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP537\A0100018.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP538\A0100026.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP538\A0100027.exe Infected: Trojan.Win32.Agent.agv skipped
 
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101935.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101939.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101943.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101947.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101956.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101958.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101959.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101962.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101964.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101965.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101974.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101975.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101977.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101979.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101981.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101984.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101987.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101989.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101994.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101995.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0101997.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102003.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102010.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102012.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102016.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102020.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102024.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102028.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102032.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102036.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102040.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102046.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP539\A0102050.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102083.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102086.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102104.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102106.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102110.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0102111.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103141.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103143.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103149.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103152.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103153.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103156.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103159.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103162.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103165.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103168.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103170.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103174.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103175.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103178.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103179.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103182.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103183.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103184.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103185.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP540\A0103186.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103197.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103198.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103202.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103203.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103207.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103211.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103215.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103221.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103222.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103224.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103225.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103227.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103228.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103232.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103233.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103235.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103236.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103240.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103241.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103242.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103243.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103245.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103246.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103248.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103251.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103252.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103255.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103256.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103258.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103259.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103260.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103262.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103263.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103266.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103268.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103271.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103272.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP541\A0103273.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP542\A0103317.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP544\A0105310.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP545\A0107299.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP545\A0107342.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP547\A0108555.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP564\A0110957.exe Infected: Trojan-Downloader.Win32.Zlob.bqw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP569\A0114039.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119419.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119421.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119423.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119427.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119430.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119439.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119443.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119449.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119451.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119496.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119509.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119513.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119517.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119519.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119522.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119526.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119530.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119534.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
 
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119539.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119543.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119547.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119548.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119551.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119556.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119560.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119564.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119568.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119573.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119577.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119581.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119585.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119590.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119594.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119598.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119602.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119604.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119607.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119611.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119617.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119621.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119626.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119627.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119632.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119635.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119637.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119640.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119641.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119643.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119644.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119648.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119650.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119651.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119659.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119698.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119700.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119703.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119705.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119711.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119713.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119714.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119722.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119740.exe Infected: Trojan.Win32.BHO.bi skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119741.exe Infected: Trojan.Win32.BHO.bi skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119747.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119756.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119778.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119784.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119798.exe Infected: Trojan-Downloader.Win32.Agent.bjk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119799.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119806.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119809.exe Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119816.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119824.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119827.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119830.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119838.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119849.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119851.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119859.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119861.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119866.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119873.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119878.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119885.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119896.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119897.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119904.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119906.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119911.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119913.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119914.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119916.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119922.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119924.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119926.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119929.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119931.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119932.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119935.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119941.dll Infected: not-a-virus:AdWare.Win32.RK.m skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119943.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119944.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119945.dll Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119947.exe/data0002 Infected: not-a-virus:AdWare.Win32.Relevant.a skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119947.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119966.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.o skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119977.exe/data0004 Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119977.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119984.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119985.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119986.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119987.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119988.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119989.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119990.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119991.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119992.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119993.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119994.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119996.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119997.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119998.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0119999.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120000.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120001.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120002.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120003.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120004.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120005.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120006.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120007.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120008.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120009.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120010.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120011.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120012.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120013.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120014.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120016.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120017.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120018.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120019.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120020.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
 
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120022.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120023.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120024.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120025.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120026.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120028.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120029.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120030.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120031.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120032.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120033.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120034.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120035.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120036.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120037.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120038.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120039.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120040.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120042.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120045.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120046.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120047.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120048.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120049.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120050.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120051.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120052.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120053.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120054.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120055.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120056.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120058.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120059.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120060.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120061.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120062.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120065.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120066.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120067.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120068.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120069.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120070.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120071.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120072.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120073.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120074.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120075.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120076.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120077.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120078.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120079.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120080.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120081.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120082.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120083.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120085.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120086.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120087.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120088.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120089.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120090.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120091.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120092.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120093.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120094.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120095.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120096.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120097.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120098.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120099.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120102.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120103.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120104.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120105.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120106.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120108.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120110.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120111.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120112.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120113.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120114.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120115.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120117.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120118.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120119.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120120.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120121.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120122.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120124.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120125.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120126.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120127.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120129.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120131.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120132.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120133.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120134.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120135.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120136.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120137.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120138.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120139.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120140.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120142.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jx skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120143.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120144.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120145.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120146.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120147.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120148.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120149.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120150.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120151.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120152.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120153.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120154.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120155.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120156.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120157.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120158.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120159.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120160.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120161.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120162.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120163.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120164.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120165.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120166.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120167.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120168.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120169.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120170.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120171.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120172.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120173.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120174.dll Infected: Trojan.Win32.Agent.agv skipped
 
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120175.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120176.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120177.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120178.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120181.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120182.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120183.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kw skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120184.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120185.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kk skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP580\A0120186.dll Infected: Trojan.Win32.Agent.agv skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122293.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122294.exe Infected: Trojan-Downloader.Win32.VB.awj skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122295.exe Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122296.exe Infected: Trojan-Downloader.Win32.VB.ang skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122297.exe Infected: Trojan-Dropper.Win32.Agent.bfr skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122298.exe/data0002 Infected: not-a-virus:AdWare.Win32.TTC.c skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122298.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122299.exe Infected: not-a-virus:AdWare.Win32.ZenoSearch.r skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP581\A0122300.exe Infected: not-virus:Hoax.Win32.Renos.fn skipped
C:\System Volume Information\_restore{02AEBB7D-6317-478D-8A98-57FB69D0EDFB}\RP597\change.log Object is locked skipped
C:\TTC.dll Infected: not-a-virus:AdWare.Win32.TTC.a skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\OWNER-C1RPWGUAV.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{FE329408-AE05-4F89-B271-0198D9534B75}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\stub_track4.exe Infected: not-a-virus:AdWare.Win32.BookedSpace.h skipped
C:\WINDOWS\sysrlb32.exe Infected: Trojan.Win32.VB.azo skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\G5\bk53.exe Infected: Trojan-Dropper.Win32.Agent.mu skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\tmrsrv32.exe Infected: Trojan-Downloader.Win32.VB.avl skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\Perflib_Perfdata_780.dat Object is locked skipped
C:\WINDOWS\TEMP\ZLT059e8.TMP Object is locked skipped
C:\WINDOWS\TEMP\ZLT059ee.TMP Object is locked skipped
C:\WINDOWS\TEMP\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.


and last but not least, my HJT log

Logfile of HijackThis v1.99.1
Scan saved at 2:57:02 PM, on 8/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1149879949299
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1149879923001
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
Hi

Empty these folders:

C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar
C:\QooBox\Quarantine\

Delete these:

C:\WINDOWS\stub_track4.exe
C:\WINDOWS\sysrlb32.exe
C:\WINDOWS\system32\G5
C:\WINDOWS\system32\tmrsrv32.exe

Empty Recycle Bin

  • Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

    You can find instructions on how to enable and reenable system restore here:

    Windows XP System Restore Guide

Re-scan with kaspersky

Post:

- a fresh HijackThis log
- kaspersky report
 
You must log in or register to reply here.
Back
Top