Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Once again i need your help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Once again i need your help

Unread postby benderbuddie » November 14th, 2007, 1:48 pm

Ok, i ran into trouble and had a friend accidentally download a .exe file that had bad friends riding along. I have had help from you guys before so i have the hijack log here and i still have combofix.exe but i wont use that unless directed too
My spyware quartined the files but i dont think its getting them all successfully.

here is my hijack log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:43:07 PM, on 11/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {837B45D6-BF85-457D-AABF-6D2E7815F791} - C:\WINDOWS\system32\jkkhhhe.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeScape Media Detector] "C:\Program Files\Picasa\PicasaMediaDetector.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WildTangent CDA] "RUNDLL32.exe" "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NapsterShell] "C:\Program Files\Napster\napster.exe" /systray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} - http://205.159.125.199/central/02030106 ... ontent.cab
O16 - DPF: {0612502E-29F8-11D6-BC3C-00C0F0167E34} - http://www.crsdata.com/CRSDataObject/CRSNInfo.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - http://81.216.10.59/cult.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testge ... nstall.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/commo ... snoopy.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 4483939453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4483929515
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/softwar ... launch.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/Pe ... lAsst2.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} - http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O16 - DPF: {ECF5F2BD-C78B-4C6F-91BB-2A311FCCA4C7} - http://www.shockwave.com/content/combat ... online.dll
O20 - Winlogon Notify: jkkhhhe - C:\WINDOWS\SYSTEM32\jkkhhhe.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 12034 bytes
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio
Advertisement
Register to Remove

Re: Once again i need your help

Unread postby askey127 » November 16th, 2007, 7:22 am

benderbuddie,
------------------------------------------------------------
Please download VundoFix.exe and Save to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
    Note: It is possible that VundoFix will encounter a file it cannot remove.
    In that case, VundoFix will run on reboot. Simply repeat the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis (reveal.exe) log.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 16th, 2007, 4:37 pm

Here is the Vundo Log


VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 12:00:49 PM 11/16/2007

Listing files found while scanning....

C:\windows\SYSTEM32\jkkhhhe.dll

Beginning removal...

Attempting to delete C:\windows\SYSTEM32\jkkhhhe.dll
C:\windows\SYSTEM32\jkkhhhe.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 12:13:57 PM 11/16/2007

Listing files found while scanning....

C:\windows\SYSTEM32\jkkhhhe.dll

Beginning removal...

Beginning removal...

Attempting to delete C:\windows\SYSTEM32\jkkhhhe.dll
C:\windows\SYSTEM32\jkkhhhe.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 3:08:00 PM 11/16/2007

Listing files found while scanning....

No infected files were found.


And here is the HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:32:07 PM, on 11/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeScape Media Detector] "C:\Program Files\Picasa\PicasaMediaDetector.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [WildTangent CDA] "RUNDLL32.exe" "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NapsterShell] "C:\Program Files\Napster\napster.exe" /systray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} - http://205.159.125.199/central/02030106 ... ontent.cab
O16 - DPF: {0612502E-29F8-11D6-BC3C-00C0F0167E34} - http://www.crsdata.com/CRSDataObject/CRSNInfo.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - http://81.216.10.59/cult.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testge ... nstall.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/commo ... snoopy.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 4483939453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4483929515
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/softwar ... launch.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/Pe ... lAsst2.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} - http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://anu.popcap.com/games/popcaploader_v5.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O16 - DPF: {ECF5F2BD-C78B-4C6F-91BB-2A311FCCA4C7} - http://www.shockwave.com/content/combat ... online.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 11871 bytes
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 16th, 2007, 8:22 pm

benderbudie,
------------------------------------------------------------
Remove Old Versions of Java.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components.
  • Close any programs you may have running, ESPECIALLY your web browser
  • Click Start > Control Panel > Add/Remove Programs.
  • Check any item with Java Runtime Environment, JRE, J2SE, or Java Webstart in the name. EXCEPT JRE version 6 update 3
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove all OLD installed versions of Java.
    -----------------------------------------------------------
    Use Add/Remove Programs In Control Panel
    From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
    Highlight each Entry, as follows, one by one, if it exists, and choose Remove :
    Wild Tangent
    Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into Keeping the program.
    -----------------------------------------------------------
    Remove log items with HighjackThis. Start HijackThis.
    Click Do System Scan Only. When the Scan is complete, Check the following entries:
    (Some of these lines may be missing)

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*;*.local
    O4 - HKLM\..\Run: [WildTangent CDA] "RUNDLL32.exe" "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://anu.popcap.com/games/popcaploader_v5.cab
    O16 - DPF: {0612502E-29F8-11D6-BC3C-00C0F0167E34} - http://www.crsdata.com/CRSDataObject/CRSNInfo.cab

    Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
    Click the "X" in the upper right corner of the HiJackThis window to close it.
    -----------------------------------------------------
    REBOOT Your Machine
    -----------------------------------------------------
    Using Internet Explorer, Please Do an Online Scan with Kaspersky WebScanner.
    Go here to run an online scanner from Kaspersky.
    • Click on "Kaspersky Online Scanner"
    • A new smaller window will pop up. Press on "Accept". After reading the contents.
    • Now Kaspersky will update the anti-virus database. Let it run.
    • Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
    • Then click on "My Computer", and the scan will start.
    • Once finished, save the log to your Desktop as filename KAV.txt
-----------------------------------------------------------
Post a New HiJackThis Log
Start HijackThis reveal.exe).
Click Do System Scan and Save a Log File.
When the Scan is complete, select the whole log (Ctrl-A), copy and paste the log contents in a reply, along with the contants of KAV.TXT.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 17th, 2007, 3:11 pm

Ok, I ran the vundo but i cant get on the internet on my computer. I have been using my frineds computer and a flash drive to transfer data since i am on a college network.

I'm downloading a new web browser hoping that will fix the problem and also a new comando firewall, because it says i need to reinstall it but i ran the vundo and it deleted a new file, here is the log and then the HJT log without running the virus scan, but if i run the scan successfully after trying to reinstall the webbroswer i will post the new logs


VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 12:00:49 PM 11/16/2007

Listing files found while scanning....

C:\windows\SYSTEM32\jkkhhhe.dll

Beginning removal...

Attempting to delete C:\windows\SYSTEM32\jkkhhhe.dll
C:\windows\SYSTEM32\jkkhhhe.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 12:13:57 PM 11/16/2007

Listing files found while scanning....

C:\windows\SYSTEM32\jkkhhhe.dll

Beginning removal...

Beginning removal...

Attempting to delete C:\windows\SYSTEM32\jkkhhhe.dll
C:\windows\SYSTEM32\jkkhhhe.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.6.1

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 3:08:00 PM 11/16/2007

Listing files found while scanning....

No infected files were found.



HJT______________________________________________________--
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:00:05 PM, on 11/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe
C:\Program Files\Napster\napster.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [pdfFactory Dispatcher v1] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LifeScape Media Detector] "C:\Program Files\Picasa\PicasaMediaDetector.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1100820089\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NapsterShell] "C:\Program Files\Napster\napster.exe" /systray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0122955E-1FB0-11D2-A238-006097FAEE8B} - http://205.159.125.199/central/02030106 ... ontent.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} - http://81.216.10.59/cult.cab
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.com/wizmodules/testge ... nstall.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200 ... taller.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {525A15D0-4938-11D4-94C7-0050DA20189B} - http://aol.ea.com/downloads/games/commo ... snoopy.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 4483939453
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4483929515
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/softwar ... launch.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/Pe ... lAsst2.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} - http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsup ... mAData.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
O16 - DPF: {ECF5F2BD-C78B-4C6F-91BB-2A311FCCA4C7} - http://www.shockwave.com/content/combat ... online.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 11539 bytes



Thank you for putting in the time to help me!
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 17th, 2007, 3:58 pm

benderbuddie,
Was the computer working on the Internet before we removed the last set of HiJackThis lines, or has it been off the air prior?
We can restore that Proxy OverRide entry if required, or you can get the network IT at school to reset it.

I would suggest downloading and running AVG Anti-Spyware as a scan, since it doesn't need a connected browser to run.
The procedure goes like this:
(You may have to run it without doing the update procedure)
-----------------------------------------------------------
Download and Run AVG Anti-Spyware:
Download the trial version of AVG Anti-Spyware from here and install it. When the program has been installed, and you click the Finish button, AVG Anti-Spyware will open. Do not run a scan yet.

If the program does not automatically update itself during installation, or you are unsure whether it has done so, please do the following:
  • Click the Update icon at the top and under Manual Update click the Start update button.
  • The program will either update or inform you that no update was available.
  • It is essential that you get the update - keep trying until successful. (Note: If you have problems getting the update, you can download an installer for the full database from here (save it on your desktop). Once you have downloaded the installer, make sure that AVG Anti-Spyware is closed and then double-click on avgas-signatures-full-current.exe to install the database).
Please set up the program as follows:
  • Click the Shield icon at the top and under Resident shield is... click active. This should now change to inactive.
  • Click the Update icon and untick the automatic update option.
  • Click on Scanner on the toolbar.
  • Click on the Settings tab.
    • Under How to act? - make sure that Quarantine is selected.
    • Under How to scan? - All checkboxes should be ticked.
    • Under Possibly unwanted software - All checkboxes should be ticked.
    • Under Reports - Select Do not automatically generate reports. <== This is important
    • Under What to scan? - Select Scan every file.
Close all open windows.
  • Click on Scanner on the program's toolbar.
  • Click on Complete System Scan to start the scan process.
  • Let the program scan your computer.
  • When the scan has finished, follow the instructions below:
    • Make sure that Set all elements to: shows Quarantine
    • Important: Click on the Apply all Actions button (*** This must done before saving the report ***)
    • When the program has finished, it will display the message All actions have been applied.
    • Then click the Save Scan Report button.
    • Click the Save Report as button.
    • Save the report to your Desktop.
  • Right-click the AVG Tray Icon and select Exit.
Please post back the AVG Report contents, and the info about when the machine lost Internet.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 18th, 2007, 11:33 pm

it has been offline since i have been infected, I tried to connect to the internet a couple time but failed. My network said i was connected but yet i could not get either internet explorer or mozilla firefox to load the connection site that allows my machine to connect to the school server. All the log files were from me being offline and i was transfering files to a flash drive from computer to computer. When i try to pull up internet exploxer on the bottom bar where it says its loading a certain page this following line shows up with the error cannot load page "res://c:\windows\system32\shdoclc.dll/dnserror.htm" i'm assuming thats a malicious file and my spysweeper with antivirus has the following quartined, i'm not sure if they have control over my web browsers or what but they have turned off my comando firewall and wont let the connection webpage to be accessed. Here are the names of the files in quarntine " Mal/HckPK-A" this has the most files with c:\system volume information\_restoreb37680b2-ba0a-4e59-bf30-83E44c588624\rp16\A0012306.exe The numbers od the a.exe part rang from 0011914 to A0003772 being the lowest theres roughly 30 different numbers in that range. then ther is also Troj/virtum-Gen with a ending of A0011888.dll and anotther one of nod5c25.tmp. And finally theres is the virtumonde files three of them all Hklm two i think are exploreer files (i think these might be the corruption of my explorer) ones starts with BHO with numbers being 837b45d6-Bf85- i can write down the rest if you need them) then the other ends with shellexecutehooks and the last of those bad files ends with clsid


I couldnt get the AVg to my flash drive to run a scan but i will try, if i fixed the web browswer i then could so it but i'm hoping the info from my spysweeper will do something, please let me know wwhat you would liek me to do next.

Thanks again for all your help!
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby benderbuddie » November 19th, 2007, 1:56 am

Ok i firgured since avg has a log that my antivirus would and it does so i ran a sweep and here is the log from that . . . .it still has all the virus i discribed above

Thanks again1 (and this is Webroots Spysweeper with antivirus) . . . Its backwards i didnt know how to reverse it.

12:45 AM: Quarantining All Traces: Mal/VB-M
12:45 AM: Informational: Virus infected file c:\vundofix backups\jkkhhhe.dll.bad not cleaned.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection.
12:45 AM: Informational: File c:\vundofix backups\jkkhhhe.dll.bad still infected with virus Troj/Virtum-Gen after 1 round of disinfection.
12:45 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll not cleaned.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 20 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 19 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 18 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 17 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 16 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 15 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 14 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 13 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 12 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 11 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 10 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 9 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 8 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 7 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 6 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 5 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 4 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 3 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 2 rounds of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 1 round of disinfection.
12:45 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011888.dll still infected with virus Troj/Virtum-Gen after 1 round of disinfection.
12:45 AM: Quarantining All Traces: Troj/Virtum-Gen
12:45 AM: ApplicationMinimized - EXIT
12:45 AM: ApplicationMinimized - ENTER
12:41 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe not cleaned.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0008003.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:41 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe not cleaned.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:41 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0013868.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:40 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe not cleaned.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004986.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:40 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe not cleaned.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:40 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0009053.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\windows\system32\swreg.exe not cleaned.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\windows\system32\swreg.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe not cleaned.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0005304.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe not cleaned.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010808.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe not cleaned.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp19\a0014093.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe not cleaned.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0009560.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:39 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe not cleaned.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:39 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006444.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:38 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe not cleaned.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007674.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:38 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe not cleaned.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0006442.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:38 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe not cleaned.
12:38 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0011914.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:37 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe not cleaned.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014640.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:37 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe not cleaned.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:37 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011743.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:36 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe not cleaned.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:36 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0010163.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:36 AM: Informational: Virus infected file c:\program files\trend micro\hijackthis\hijackthis.exe not cleaned.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:36 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:35 AM: Informational: File c:\program files\trend micro\hijackthis\hijackthis.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:35 AM: Informational: Virus infected file c:\windows\erdnt\subs\erdnt.exe not cleaned.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:35 AM: Informational: File c:\windows\erdnt\subs\erdnt.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:35 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe not cleaned.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp16\a0012907.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:35 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe not cleaned.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004988.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:35 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe not cleaned.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp15\a0011432.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:35 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe not cleaned.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:35 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0004984.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:34 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe not cleaned.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp14\a0007676.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:34 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe not cleaned.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:34 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0014139.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:33 AM: Informational: Virus infected file c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe not cleaned.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 20 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 19 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 18 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 17 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 16 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 15 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 14 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 13 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 12 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 11 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 10 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 9 rounds of disinfection.
12:33 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 8 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 7 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 6 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 5 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 4 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 3 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 2 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/VB-M after 1 round of disinfection.
12:32 AM: Informational: File c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\rp20\a0015615.exe still infected with virus Mal/HckPk-A after 1 round of disinfection.
12:32 AM: Quarantining All Traces: Mal/HckPk-A
12:32 AM: Traces Found: 57
12:32 AM: Custom Sweep has completed. Elapsed time 01:55:08
12:32 AM: File Sweep Complete, Elapsed Time: 01:51:45
12:17 AM: Warning: SweepDirectories: Cannot find directory "d:". This directory was not added to the list of paths to be scanned.
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms59454482-52ac-402b-89d6-6e3cc53181e4.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms6e65288c-8adf-4248-afc8-342d4e3668e0.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms480147ed-40c3-4bd1-9318-0a93b335d5c0.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa2634c73-7273-4bde-af57-c7b051ebc265.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms2d77ce26-27ec-4e28-91a5-43dd56b9c222.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsfa6852f1-b20e-4d98-9726-94ea438bad54.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsc9d9f97b-b307-48b9-9ea9-e69da753899a.tmp]
12:15 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms98d581ad-2cc7-4aa9-84c1-4f42fdcb6ece.tmp]
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms59454482-52ac-402b-89d6-6e3cc53181e4.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms6e65288c-8adf-4248-afc8-342d4e3668e0.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms480147ed-40c3-4bd1-9318-0a93b335d5c0.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsa2634c73-7273-4bde-af57-c7b051ebc265.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms2d77ce26-27ec-4e28-91a5-43dd56b9c222.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsfa6852f1-b20e-4d98-9726-94ea438bad54.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsc9d9f97b-b307-48b9-9ea9-e69da753899a.tmp". The operation completed successfully
12:15 AM: Warning: Failed to open file "c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms98d581ad-2cc7-4aa9-84c1-4f42fdcb6ece.tmp". The operation completed successfully
12:13 AM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\windows\system32\config\default]
12:13 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms87e3c6c8-5183-457f-9250-bceb5ab19fcf.tmp]
12:13 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms59a2f13c-7847-4e3e-ba9b-5f76166c9b81.tmp]
Trace marked as Always Remove
12:13 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0015615.exe (ID = 0)
Trace marked as Always Remove
12:13 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0015615.exe (ID = 0)
Trace marked as Always Remove
12:12 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0014139.exe (ID = 0)
Trace marked as Always Remove
12:12 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0014139.exe (ID = 0)
Trace marked as Always Remove
12:12 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0007676.exe (ID = 0)
Trace marked as Always Remove
12:12 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0004984.exe (ID = 0)
Trace marked as Always Remove
12:12 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0004984.exe (ID = 0)
12:12 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\pagefile.sys]
Trace marked as Always Remove
12:11 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0011432.exe (ID = 0)
Trace marked as Always Remove
12:10 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0004988.exe (ID = 0)
12:10 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsce1f9d4a-5faf-478a-becc-81f6310048ec.tmp]
Trace marked as Always Remove
12:10 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012907.exe (ID = 0)
Trace marked as Always Remove
12:10 AM: C:\WINDOWS\erdnt\subs\ERDNT.EXE (ID = 0)
Trace marked as Always Remove
12:08 AM: C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (ID = 0)
Trace marked as Always Remove
12:08 AM: C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (ID = 0)
Trace marked as Always Remove
12:08 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0011888.dll (ID = 0)
Trace marked as Always Remove
12:08 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0011888.dll (ID = 0)
12:08 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\dan bender\ntuser.dat]
12:08 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\software]
12:08 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\system]
Trace marked as Always Remove
12:06 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0010163.exe (ID = 0)
Trace marked as Always Remove
12:02 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0011743.exe (ID = 0)
Trace marked as Always Remove
12:02 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0011743.exe (ID = 0)
Trace marked as Always Remove
12:01 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0014640.EXE (ID = 0)
Trace marked as Always Remove
12:01 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0011914.exe (ID = 0)
Trace marked as Always Remove
12:01 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0011914.exe (ID = 0)
Trace marked as Always Remove
12:00 AM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0006442.exe (ID = 0)
12:00 AM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms0a9e8eab-dc7c-480f-b930-f92a534cd707.tmp]
Trace marked as Always Remove
11:59 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0007674.exe (ID = 0)
Trace marked as Always Remove
11:59 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0007674.exe (ID = 0)
11:59 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms3606ac81-6e62-400d-bc0f-6d73aa7587dd.tmp]
11:59 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms00490078-50fd-4bf2-a4fc-80635c895ff4.tmp]
11:59 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms6d6ee969-09d2-4a94-a6bb-1d138efa5565.tmp]
11:57 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms66001855-4f71-4219-a2c2-72acc1745752.tmp]
11:57 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsbcaba761-7cc9-43e3-8aef-8d20be52df64.tmp]
11:57 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssmsdce209f1-0d06-4cda-97f4-bfefd9a72425.tmp]
Trace marked as Always Remove
11:55 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0006444.exe (ID = 0)
Trace marked as Always Remove
11:50 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0009560.EXE (ID = 0)
Trace marked as Always Remove
11:50 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP19\A0014093.exe (ID = 0)
11:50 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2747.jpg]
Trace marked as Always Remove
11:50 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0010808.EXE (ID = 0)
Trace marked as Always Remove
11:48 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0005304.EXE (ID = 0)
11:48 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc322.jpg]
11:48 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2753.jpg]
11:48 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc327.jpg]
11:48 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2744.jpg]
11:48 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2639.jpg]
11:47 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2762.jpg]
11:47 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2521.jpg]
Trace marked as Always Remove
11:47 PM: C:\WINDOWS\SYSTEM32\swreg.exe (ID = 0)
Trace marked as Always Remove
11:46 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0009053.exe (ID = 0)
Trace marked as Always Remove
11:46 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0009053.exe (ID = 0)
Trace marked as Always Remove
11:46 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0004986.exe (ID = 0)
Trace marked as Always Remove
11:46 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP19\A0013868.exe (ID = 0)
Trace marked as Always Remove
11:46 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP19\A0013868.exe (ID = 0)
11:46 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2784.jpg]
11:45 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc318.jpg]
11:45 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc326.jpg]
Trace marked as Always Remove
11:45 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0008003.EXE (ID = 0)
Trace marked as Always Remove
11:45 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0008857.exe (ID = 0)
11:45 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2765.jpg]
11:45 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc317.jpg]
Trace marked as Always Remove
11:44 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0004649.exe (ID = 0)
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2780.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2756.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2757.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2782.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2763.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2766.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2772.jpg]
11:43 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2751.jpg]
11:42 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2788.jpg]
11:42 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc328.jpg]
11:42 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2781.jpg]
11:42 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2783.jpg]
11:41 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc312.jpg]
11:41 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2785.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2752.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2777.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2769.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2779.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2745.jpg]
11:40 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc320.jpg]
11:39 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2662.jpg]
11:39 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc308.jpg]
11:38 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc325.jpg]
Trace marked as Always Remove
11:38 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0006441.exe (ID = 0)
11:38 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2776.jpg]
11:37 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc319.jpg]
11:37 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\config\security]
Trace marked as Always Remove
11:37 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0009106.exe (ID = 0)
11:37 PM: Found Mal/VB-M: Mal/VB-M
Trace marked as Always Remove
11:37 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP15\A0009106.exe (ID = 0)
11:37 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2764.jpg]
11:37 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc324.jpg]
11:36 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2773.jpg]
11:36 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2755.jpg]
11:36 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2768.jpg]
11:35 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc316.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2524.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2519.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2520.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2522.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2580.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2526.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2527.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2528.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2582.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2530.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2531.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2578.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2626.jpg]
11:33 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2583.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2620.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2621.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2622.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2623.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2625.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2627.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2628.jpg]
11:32 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2632.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2629.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc313.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2635.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2637.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2523.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2641.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2642.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2630.jpg]
11:31 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2576.jpg]
11:30 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2643.jpg]
11:30 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2631.jpg]
11:30 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2633.jpg]
11:30 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc321.jpg]
11:30 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2644.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2742.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2771.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2786.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2646.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2651.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2589.jpg]
Trace marked as Always Remove
11:29 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0006154.exe (ID = 0)
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2649.jpg]
11:29 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2774.jpg]
Trace marked as Always Remove
11:29 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0006445.exe (ID = 0)
11:28 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2741.jpg]
11:28 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2650.jpg]
11:28 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2624.jpg]
11:28 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2636.jpg]
11:28 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2645.jpg]
11:27 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2653.jpg]
11:26 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2750.jpg]
11:26 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc311.jpg]
11:26 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc310.jpg]
11:25 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2743.jpg]
Trace marked as Always Remove
11:25 PM: C:\Program Files\TrojanHunter 5.0\Tools\Process Viewer\ProcessViewer.exe (ID = 0)
Trace marked as Always Remove
11:25 PM: C:\Program Files\TrojanHunter 5.0\Tools\Autostart Explorer\AutostartExplorer.exe (ID = 0)
Trace marked as Always Remove
11:24 PM: C:\qoobox\Hiv-backup\ERDNT.EXE (ID = 0)
11:24 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2654.jpg]
11:23 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2634.jpg]
11:23 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2647.jpg]
11:23 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2638.jpg]
11:23 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2656.jpg]
11:22 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2649_edited.jpg]
11:22 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc309.jpg]
11:22 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2655.jpg]
11:22 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2661.jpg]
11:21 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2748.jpg]
11:20 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc323.jpg]
11:20 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc315.jpg]
11:20 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2640.jpg]
Trace marked as Always Remove
11:20 PM: C:\Program Files\TrojanHunter 5.0\SubmitFiles\SubmitFiles.exe (ID = 0)
11:18 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc314.jpg]
11:17 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2778.jpg]
11:12 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2767.jpg]
Trace marked as Always Remove
11:12 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP20\A0014234.exe (ID = 0)
Trace marked as Always Remove
11:11 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0003772.exe (ID = 0)
Trace marked as Always Remove
11:11 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE (ID = 0)
11:10 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2749.jpg]
11:08 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2775.jpg]
Trace marked as Always Remove
11:07 PM: C:\Program Files\TrojanHunter 5.0\Tools\MemString\MemString.exe (ID = 0)
11:07 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dc210\dc307.jpg]
Trace marked as Always Remove
11:07 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0003773.exe (ID = 0)
11:02 PM: Warning: AntiVirus engine for IFO returned [Error Code DFFBFDF0] on [c:\recycler\s-1-5-21-1275430942-3865691052-706719691-1006\dscn2746.jpg]
Trace marked as Always Remove
11:00 PM: C:\Program Files\TrojanHunter 5.0\Tools\Window List\WindowList.exe (ID = 0)
Trace marked as Always Remove
10:57 PM: C:\VundoFix Backups\jkkhhhe.dll.bad (ID = 0)
Trace marked as Always Remove
10:57 PM: C:\VundoFix Backups\jkkhhhe.dll.bad (ID = 0)
10:57 PM: Found Troj/Virtum-Gen: Troj/Virtum-Gen
10:56 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\documents and settings\localservice\application data\webroot\spy sweeper\temp\ssms09db9a85-5a72-413f-a6ca-e87cddd8077d.tmp]
Trace marked as Always Remove
10:55 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP14\A0003775.exe (ID = 0)
10:54 PM: ApplicationMinimized - EXIT
10:54 PM: ApplicationMinimized - ENTER
Trace marked as Always Remove
10:52 PM: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP1\A0000079.EXE (ID = 0)
10:52 PM: Found Mal/HckPk-A: Mal/HckPk-A
10:50 PM: ApplicationMinimized - EXIT
10:50 PM: ApplicationMinimized - ENTER
10:46 PM: Warning: AntiVirus engine for IFO returned [Access Denied] on [c:\windows\system32\catroot2\tmp.edb]
10:40 PM: Starting File Sweep
10:40 PM: Warning: SweepDirectories: Cannot find directory "a:". This directory was not added to the list of paths to be scanned.
10:40 PM: Cookie Sweep Complete, Elapsed Time: 00:00:10
10:40 PM: Starting Cookie Sweep
10:40 PM: Registry Sweep Complete, Elapsed Time:00:00:25
10:40 PM: Starting Registry Sweep
10:40 PM: Memory Sweep Complete, Elapsed Time: 00:02:35
10:37 PM: Starting Memory Sweep
10:37 PM: Start Custom Sweep
10:37 PM: Sweep initiated using definitions version 1020
10:23 PM: ApplicationMinimized - EXIT
10:23 PM: ApplicationMinimized - ENTER
Operation: File Access
Target:
Source: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPERUI.EXE
10:13 PM: Tamper Detection
9:41 PM: ApplicationMinimized - EXIT
9:41 PM: ApplicationMinimized - ENTER
9:41 PM: There is a problem reaching the server. The cause may be in your connection, or on the server. Please try again later.
7:53 PM: Informational: Virus infected file C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE not cleaned.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
7:53 PM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 1 round of disinfection.
7:53 PM: File System Shield: found: Behavioral: Mal/HckPk-A, version
11:53 AM: Informational: Virus infected file C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE not cleaned.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 20 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 19 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 18 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 17 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 16 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 15 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 14 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 13 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 12 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 11 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 10 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 9 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 8 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 7 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 6 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 5 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 4 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 3 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 2 rounds of disinfection.
11:53 AM: Informational: File C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP16\A0012306.EXE still infected with virus Mal/HckPk-A after 1 round of disinfection.
11:53 AM: File System Shield: found: Behavioral: Mal/HckPk-A, version
Operation: File Access
Target:
Source: C:\WINDOWS\EXPLORER.EXE
11:03 AM: Tamper Detection
Keylogger: Off
E-mail Attachment: On
11:03 AM: Informational: ShieldEmail: Start monitoring port 25 for mail activities
11:03 AM: Informational: ShieldEmail: Start monitoring port 110 for mail activities
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites: Off
Hosts File Shield: On
Internet Communication Shield: On
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
File System Shield: On
Execution Shield: On
System Services Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
11:03 AM: Shield States
11:03 AM: Spyware Definitions: 1020
11:03 AM: Informational: Loaded AntiVirus Engine: 2.51.0; SDK Version: 4.23E; Virus Definitions: 11/12/2007 1:52:44 PM (GMT)
11:02 AM: Spy Sweeper 5.5.7.103 started
11:02 AM: Spy Sweeper 5.5.7.103 started
11:02 AM: | Start of Session, Sunday, November 18, 2007
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 19th, 2007, 7:39 am

benderbuddie,
Please perform the steps in the sequence given, and refrain from running any extra scans, removals, or installations while we are working on your machine. It is important that you DO NOT Turn OFF System Restore, your AntiVirus Program or your Firewall on purpose unless instructed to do so. If there is anything you can't do, or any instruction that you don't understand, then please let me know in a reply. (I know you have a problem with the firewall)

Most all of those infected files are in your System Restore or are quarantined.
This infection is what destroyed your Internet connection, and has changed some other things, like the Firewall.
-----------------------------------------------------------
Disable Trojan Hunter Guard
Go to TrojanHunter Guard in the lower right corner of your screen. It is a light blue icon with a magnifying glass that can be difficult to see but the handle is red. Right click it and select settings. Uncheck "Load at startup" and "Enabled".
-----------------------------------------------------------
Run ComboFix
  • Double click combofix.exe & follow the prompts.
    Note: DO NOT mouseclick Combofix's window while it's running. That may cause it to stall
  • When finished, it will produce a log for you, C:\ComboFix.txt. Post that log in your next reply

It's IMPORTANT to download the AVG Anti-Spyware installer to a flash drive and run it on the infected machine per my previous instructions. Please make every attempt to do it.

If we are unable to get the machine working, your only alternative will be to Reformat the Drive and Re-Install Windows.
Please post the log C:\Combofix.txt and the AVG AntiSpyware log.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 19th, 2007, 12:32 pm

Ok i got the avg to scan and run the log will follow . . . i downloaded the update for where you had the link to click here and i'm pretty sure it installed but the avg thing said it was not updated, so i'm not sure if what i installed updated it or not. .When i went to run the combofix.exe the this would say that the program is out of date and cease to run after that. I just downloaded the combofix.exe today so i'm not sure how to update it.

here is the avg log

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:59:52 AM 11/19/2007

+ Scan result:



C:\Program Files\Picasa\pinstall.dll -> Adware.LookMe : Cleaned.
:mozilla.189:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.297:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.424:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@americanexpress.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@dtag.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@marthastewart.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@usatoday1.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@grandmasrecipebook.aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
:mozilla.180:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.181:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.182:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@4.adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.12:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@admarketplace[2].txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.106:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.113:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.119:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.120:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@citi.bridgetrack[2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.36:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wak4khdzcdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfk4aiajicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfk4spcjkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfkiwjcjiap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfkogiczego.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfkyqlajmlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfkyupcjmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfliapajgfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wfliqoczkcp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wflouic5wfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wgk4elajmhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6whkyciczsco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6whl4alazkgq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjk4wmcjacp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjkosmczcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjkowmdjidq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjlieodpecq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjlyolc5wcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjny-1iazkg.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@e-2dj6wjnyskazafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@e-2dj6wjliogdjwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@e-2dj6wjmysicpico.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@e-2dj6wjnyshczelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wfkyknczkdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wfmiojazsaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wgkyeiajscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wjkochc5ago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wjkykpcjeco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@e-2dj6wjloapczcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.164:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.165:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.166:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.167:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.168:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.45:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.46:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.47:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.48:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.49:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.50:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.51:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.52:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Cookies\system@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.423:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.72:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.78:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.372:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.373:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.380:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.88:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.89:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.90:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-airtran.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-applevac.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-aspca.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-attworldnet.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-autotrader.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-bestbuy.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-davidsbridal.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-foxsports.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-ingersollrand.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-knightridder.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-legacy.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-providianbankcorpservices.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-samsungusa.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-traderpublishing.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-verizon.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@ehg-wyndhamvacationownership.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@info[1].txt -> TrackingCookie.Info : Cleaned.
:mozilla.752:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.195:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.200:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@sales.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@auto.search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@auto.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@real[1].txt -> TrackingCookie.Real : Cleaned.
:mozilla.298:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.299:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.300:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.301:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.302:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.303:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.304:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.305:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.306:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.308:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.309:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.310:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.311:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@revsci[1].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Lynn Bender\Cookies\lynn bender@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Documents and Settings\Thomas Bender\Cookies\thomas bender@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.185:C:\Documents and Settings\Dan Bender\Application Data\Mozilla\Firefox\Profiles\cn7sx6hu.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Dan Bender\Cookies\dan bender@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.


::Report end
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 19th, 2007, 9:01 pm

benderbuddie,
You will need three new downloads. Delete the version of ComboFix on the infected machine. It's too old.

Download ATF Cleaner by Atribune © from here : http://www.atribune.org/ccount/click.php?id=1
It is a stand-alone program that does not need to be "installed". Save it to a convenient location and make a shortcut on the desktop.

Download LSPFix from here : http://www.cexx.org/lspfix.htm
Download the lspfix.exe version if you can't unzip.
Copy or Save to the Desktop

Download a New ComboFixDownload this file from either of the two sites below :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
Copy or Save to your desktop
-----------------------------------------------------------
Double-click ATF-Cleaner.exe or your shortcut to run the program.
Under Main, choose Select All
Click Empty Selected

If you also use Firefox browser,
Click Firefox at the top and choose Select All
Click on Empty Selected
NOTE: If you would like to keep any saved passwords, please click No at the prompt.

When it tells you how much has been removed, click Exit to close.
-----------------------------------------------------------
Disconnect from the internet, and close all browser windows.
Run LSPFix.
Click Finish. Don't use the "X" in the upper right hand corner to close the window, or the program won't execute.
-----------------------------------------------------------
Reboot Windows normally.
-----------------------------------------------------------
Double click combofix.exe & follow the prompts.
Note: DO NOT mouseclick Combofix's window while it's running. That may cause it to stall
When finished, it will produce a log for you, C:\ComboFix.txt. Post that log in your next reply

Tell me if the machine can see a simple website like http://www.google.com

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 19th, 2007, 11:25 pm

Ok i ran the Cleaner and the LSPfix. The Cleaner cleaned cookies and what have you. The LSPFix said it found no problems. The combofix will not run still. I tried both links and downloaded multiple times seperately. It says the same message of "Current date is 2007 - 11 - 19. This copy of Combo fix has expired. Please Download an updated copy." So i'm not sure how to get the updated version, i could search but i dont want to download another unsafe file.
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 20th, 2007, 12:00 pm

I trust you clicked "Finish" on LSPFix, rather than hitting the "X"..

ComboFix is set to time out after the version is 10 days old, and the provider hasn't yet updated the download sites.
I will let you know when. None of it is your fault.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Once again i need your help

Unread postby benderbuddie » November 20th, 2007, 3:18 pm

Ok, phew. And i did click finish on that scan. Let me know whne i can re-download the combofix.exe and i will do it.
benderbuddie
Regular Member
 
Posts: 17
Joined: October 23rd, 2007, 3:22 pm
Location: Ohio

Re: Once again i need your help

Unread postby askey127 » November 22nd, 2007, 12:49 pm

ComboFix has been updated and is available.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Next

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 55 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware