Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

help can't remove malware please can someone take a look

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 15th, 2008, 2:25 pm

ComboFix 08-01-15.4 - user 2008-01-15 18:09:37.9 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.535 [GMT 0:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\user\Desktop\CFScript.txt
* Created a new restore point

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]

FILE
C:\Documents and Settings\All Users\Documents\Documents\My Music\AOL 9.0a\update.exe
C:\Documents and Settings\user\Application Data\tmp3.tmp
C:\Program Files\MSN Messenger\msimg32.dll
C:\WINDOWS\djb.exe
C:\WINDOWS\fseob.exe
C:\WINDOWS\md.exe
C:\WINDOWS\qdtkq.exe
C:\WINDOWS\system32\ahroxun-edat(10).exe
C:\WINDOWS\system32\ahroxun-edat(100).exe
C:\WINDOWS\system32\ahroxun-edat(101).exe
C:\WINDOWS\system32\ahroxun-edat(102).exe
C:\WINDOWS\system32\ahroxun-edat(103).exe
C:\WINDOWS\system32\ahroxun-edat(104).exe
C:\WINDOWS\system32\ahroxun-edat(105).exe
C:\WINDOWS\system32\ahroxun-edat(106).exe
C:\WINDOWS\system32\ahroxun-edat(107).exe
C:\WINDOWS\system32\ahroxun-edat(108).exe
C:\WINDOWS\system32\ahroxun-edat(109).exe
C:\WINDOWS\system32\ahroxun-edat(11).exe
C:\WINDOWS\system32\ahroxun-edat(110).exe
C:\WINDOWS\system32\ahroxun-edat(111).exe
C:\WINDOWS\system32\ahroxun-edat(112).exe
C:\WINDOWS\system32\ahroxun-edat(113).exe
C:\WINDOWS\system32\ahroxun-edat(114).exe
C:\WINDOWS\system32\ahroxun-edat(115).exe
C:\WINDOWS\system32\ahroxun-edat(116).exe
C:\WINDOWS\system32\ahroxun-edat(117).exe
C:\WINDOWS\system32\ahroxun-edat(118).exe
C:\WINDOWS\system32\ahroxun-edat(119).exe
C:\WINDOWS\system32\ahroxun-edat(12).exe
C:\WINDOWS\system32\ahroxun-edat(120).exe
C:\WINDOWS\system32\ahroxun-edat(121).exe
C:\WINDOWS\system32\ahroxun-edat(122).exe
C:\WINDOWS\system32\ahroxun-edat(123).exe
C:\WINDOWS\system32\ahroxun-edat(124).exe
C:\WINDOWS\system32\ahroxun-edat(125).exe
C:\WINDOWS\system32\ahroxun-edat(126).exe
C:\WINDOWS\system32\ahroxun-edat(127).exe
C:\WINDOWS\system32\ahroxun-edat(128).exe
C:\WINDOWS\system32\ahroxun-edat(129).exe
C:\WINDOWS\system32\ahroxun-edat(13).exe
C:\WINDOWS\system32\ahroxun-edat(130).exe
C:\WINDOWS\system32\ahroxun-edat(131).exe
C:\WINDOWS\system32\ahroxun-edat(132).exe
C:\WINDOWS\system32\ahroxun-edat(133).exe
C:\WINDOWS\system32\ahroxun-edat(134).exe
C:\WINDOWS\system32\ahroxun-edat(135).exe
C:\WINDOWS\system32\ahroxun-edat(136).exe
C:\WINDOWS\system32\ahroxun-edat(137).exe
C:\WINDOWS\system32\ahroxun-edat(138).exe
C:\WINDOWS\system32\ahroxun-edat(139).exe
C:\WINDOWS\system32\ahroxun-edat(14).exe
C:\WINDOWS\system32\ahroxun-edat(140).exe
C:\WINDOWS\system32\ahroxun-edat(141).exe
C:\WINDOWS\system32\ahroxun-edat(142).exe
C:\WINDOWS\system32\ahroxun-edat(143).exe
C:\WINDOWS\system32\ahroxun-edat(144).exe
C:\WINDOWS\system32\ahroxun-edat(145).exe
C:\WINDOWS\system32\ahroxun-edat(146).exe
C:\WINDOWS\system32\ahroxun-edat(147).exe
C:\WINDOWS\system32\ahroxun-edat(148).exe
C:\WINDOWS\system32\ahroxun-edat(149).exe
C:\WINDOWS\system32\ahroxun-edat(15).exe
C:\WINDOWS\system32\ahroxun-edat(150).exe
C:\WINDOWS\system32\ahroxun-edat(151).exe
C:\WINDOWS\system32\ahroxun-edat(152).exe
C:\WINDOWS\system32\ahroxun-edat(153).exe
C:\WINDOWS\system32\ahroxun-edat(154).exe
C:\WINDOWS\system32\ahroxun-edat(155).exe
C:\WINDOWS\system32\ahroxun-edat(156).exe
C:\WINDOWS\system32\ahroxun-edat(157).exe
C:\WINDOWS\system32\ahroxun-edat(158).exe
C:\WINDOWS\system32\ahroxun-edat(159).exe
C:\WINDOWS\system32\ahroxun-edat(16).exe
C:\WINDOWS\system32\ahroxun-edat(160).exe
C:\WINDOWS\system32\ahroxun-edat(161).exe
C:\WINDOWS\system32\ahroxun-edat(162).exe
C:\WINDOWS\system32\ahroxun-edat(163).exe
C:\WINDOWS\system32\ahroxun-edat(164).exe
C:\WINDOWS\system32\ahroxun-edat(165).exe
C:\WINDOWS\system32\ahroxun-edat(166).exe
C:\WINDOWS\system32\ahroxun-edat(167).exe
C:\WINDOWS\system32\ahroxun-edat(168).exe
C:\WINDOWS\system32\ahroxun-edat(169).exe
C:\WINDOWS\system32\ahroxun-edat(17).exe
C:\WINDOWS\system32\ahroxun-edat(170).exe
C:\WINDOWS\system32\ahroxun-edat(171).exe
C:\WINDOWS\system32\ahroxun-edat(172).exe
C:\WINDOWS\system32\ahroxun-edat(173).exe
C:\WINDOWS\system32\ahroxun-edat(174).exe
C:\WINDOWS\system32\ahroxun-edat(175).exe
C:\WINDOWS\system32\ahroxun-edat(176).exe
C:\WINDOWS\system32\ahroxun-edat(177).exe
C:\WINDOWS\system32\ahroxun-edat(178).exe
C:\WINDOWS\system32\ahroxun-edat(179).exe
C:\WINDOWS\system32\ahroxun-edat(18).exe
C:\WINDOWS\system32\ahroxun-edat(180).exe
C:\WINDOWS\system32\ahroxun-edat(181).exe
C:\WINDOWS\system32\ahroxun-edat(182).exe
C:\WINDOWS\system32\ahroxun-edat(183).exe
C:\WINDOWS\system32\ahroxun-edat(184).exe
C:\WINDOWS\system32\ahroxun-edat(185).exe
C:\WINDOWS\system32\ahroxun-edat(186).exe
C:\WINDOWS\system32\ahroxun-edat(187).exe
C:\WINDOWS\system32\ahroxun-edat(188).exe
C:\WINDOWS\system32\ahroxun-edat(189).exe
C:\WINDOWS\system32\ahroxun-edat(19).exe
C:\WINDOWS\system32\ahroxun-edat(190).exe
C:\WINDOWS\system32\ahroxun-edat(191).exe
C:\WINDOWS\system32\ahroxun-edat(192).exe
C:\WINDOWS\system32\ahroxun-edat(193).exe
C:\WINDOWS\system32\ahroxun-edat(194).exe
C:\WINDOWS\system32\ahroxun-edat(195).exe
C:\WINDOWS\system32\ahroxun-edat(196).exe
C:\WINDOWS\system32\ahroxun-edat(197).exe
C:\WINDOWS\system32\ahroxun-edat(198).exe
C:\WINDOWS\system32\ahroxun-edat(199).exe
C:\WINDOWS\system32\ahroxun-edat(2).exe
C:\WINDOWS\system32\ahroxun-edat(20).exe
C:\WINDOWS\system32\ahroxun-edat(200).exe
C:\WINDOWS\system32\ahroxun-edat(201).exe
C:\WINDOWS\system32\ahroxun-edat(202).exe
C:\WINDOWS\system32\ahroxun-edat(203).exe
C:\WINDOWS\system32\ahroxun-edat(204).exe
C:\WINDOWS\system32\ahroxun-edat(205).exe
C:\WINDOWS\system32\ahroxun-edat(206).exe
C:\WINDOWS\system32\ahroxun-edat(207).exe
C:\WINDOWS\system32\ahroxun-edat(208).exe
C:\WINDOWS\system32\ahroxun-edat(209).exe
C:\WINDOWS\system32\ahroxun-edat(21).exe
C:\WINDOWS\system32\ahroxun-edat(210).exe
C:\WINDOWS\system32\ahroxun-edat(211).exe
C:\WINDOWS\system32\ahroxun-edat(212).exe
C:\WINDOWS\system32\ahroxun-edat(213).exe
C:\WINDOWS\system32\ahroxun-edat(214).exe
C:\WINDOWS\system32\ahroxun-edat(215).exe
C:\WINDOWS\system32\ahroxun-edat(216).exe
C:\WINDOWS\system32\ahroxun-edat(217).exe
C:\WINDOWS\system32\ahroxun-edat(218).exe
C:\WINDOWS\system32\ahroxun-edat(219).exe
C:\WINDOWS\system32\ahroxun-edat(22).exe
C:\WINDOWS\system32\ahroxun-edat(220).exe
C:\WINDOWS\system32\ahroxun-edat(221).exe
C:\WINDOWS\system32\ahroxun-edat(222).exe
C:\WINDOWS\system32\ahroxun-edat(223).exe
C:\WINDOWS\system32\ahroxun-edat(224).exe
C:\WINDOWS\system32\ahroxun-edat(225).exe
C:\WINDOWS\system32\ahroxun-edat(226).exe
C:\WINDOWS\system32\ahroxun-edat(227).exe
C:\WINDOWS\system32\ahroxun-edat(228).exe
C:\WINDOWS\system32\ahroxun-edat(229).exe
C:\WINDOWS\system32\ahroxun-edat(23).exe
C:\WINDOWS\system32\ahroxun-edat(230).exe
C:\WINDOWS\system32\ahroxun-edat(231).exe
C:\WINDOWS\system32\ahroxun-edat(232).exe
C:\WINDOWS\system32\ahroxun-edat(233).exe
C:\WINDOWS\system32\ahroxun-edat(24).exe
C:\WINDOWS\system32\ahroxun-edat(25).exe
C:\WINDOWS\system32\ahroxun-edat(26).exe
C:\WINDOWS\system32\ahroxun-edat(27).exe
C:\WINDOWS\system32\ahroxun-edat(28).exe
C:\WINDOWS\system32\ahroxun-edat(29).exe
C:\WINDOWS\system32\ahroxun-edat(3).exe
C:\WINDOWS\system32\ahroxun-edat(30).exe
C:\WINDOWS\system32\ahroxun-edat(31).exe
C:\WINDOWS\system32\ahroxun-edat(32).exe
C:\WINDOWS\system32\ahroxun-edat(33).exe
C:\WINDOWS\system32\ahroxun-edat(34).exe
C:\WINDOWS\system32\ahroxun-edat(35).exe
C:\WINDOWS\system32\ahroxun-edat(36).exe
C:\WINDOWS\system32\ahroxun-edat(37).exe
C:\WINDOWS\system32\ahroxun-edat(38).exe
C:\WINDOWS\system32\ahroxun-edat(39).exe
C:\WINDOWS\system32\ahroxun-edat(4).exe
C:\WINDOWS\system32\ahroxun-edat(40).exe
C:\WINDOWS\system32\ahroxun-edat(41).exe
C:\WINDOWS\system32\ahroxun-edat(42).exe
C:\WINDOWS\system32\ahroxun-edat(43).exe
C:\WINDOWS\system32\ahroxun-edat(44).exe
C:\WINDOWS\system32\ahroxun-edat(45).exe
C:\WINDOWS\system32\ahroxun-edat(46).exe
C:\WINDOWS\system32\ahroxun-edat(47).exe
C:\WINDOWS\system32\ahroxun-edat(48).exe
C:\WINDOWS\system32\ahroxun-edat(49).exe
C:\WINDOWS\system32\ahroxun-edat(5).exe
C:\WINDOWS\system32\ahroxun-edat(50).exe
C:\WINDOWS\system32\ahroxun-edat(51).exe
C:\WINDOWS\system32\ahroxun-edat(52).exe
C:\WINDOWS\system32\ahroxun-edat(53).exe
C:\WINDOWS\system32\ahroxun-edat(54).exe
C:\WINDOWS\system32\ahroxun-edat(55).exe
C:\WINDOWS\system32\ahroxun-edat(56).exe
C:\WINDOWS\system32\ahroxun-edat(57).exe
C:\WINDOWS\system32\ahroxun-edat(58).exe
C:\WINDOWS\system32\ahroxun-edat(59).exe
C:\WINDOWS\system32\ahroxun-edat(6).exe
C:\WINDOWS\system32\ahroxun-edat(60).exe
C:\WINDOWS\system32\ahroxun-edat(61).exe
C:\WINDOWS\system32\ahroxun-edat(62).exe
C:\WINDOWS\system32\ahroxun-edat(63).exe
C:\WINDOWS\system32\ahroxun-edat(64).exe
C:\WINDOWS\system32\ahroxun-edat(65).exe
C:\WINDOWS\system32\ahroxun-edat(66).exe
C:\WINDOWS\system32\ahroxun-edat(67).exe
C:\WINDOWS\system32\ahroxun-edat(68).exe
C:\WINDOWS\system32\ahroxun-edat(69).exe
C:\WINDOWS\system32\ahroxun-edat(7).exe
C:\WINDOWS\system32\ahroxun-edat(70).exe
C:\WINDOWS\system32\ahroxun-edat(71).exe
C:\WINDOWS\system32\ahroxun-edat(72).exe
C:\WINDOWS\system32\ahroxun-edat(73).exe
C:\WINDOWS\system32\ahroxun-edat(74).exe
C:\WINDOWS\system32\ahroxun-edat(75).exe
C:\WINDOWS\system32\ahroxun-edat(76).exe
C:\WINDOWS\system32\ahroxun-edat(77).exe
C:\WINDOWS\system32\ahroxun-edat(78).exe
C:\WINDOWS\system32\ahroxun-edat(79).exe
C:\WINDOWS\system32\ahroxun-edat(8).exe
C:\WINDOWS\system32\ahroxun-edat(80).exe
C:\WINDOWS\system32\ahroxun-edat(81).exe
C:\WINDOWS\system32\ahroxun-edat(82).exe
C:\WINDOWS\system32\ahroxun-edat(83).exe
C:\WINDOWS\system32\ahroxun-edat(84).exe
C:\WINDOWS\system32\ahroxun-edat(85).exe
C:\WINDOWS\system32\ahroxun-edat(86).exe
C:\WINDOWS\system32\ahroxun-edat(87).exe
C:\WINDOWS\system32\ahroxun-edat(88).exe
C:\WINDOWS\system32\ahroxun-edat(89).exe
C:\WINDOWS\system32\ahroxun-edat(9).exe
C:\WINDOWS\system32\ahroxun-edat(90).exe
C:\WINDOWS\system32\ahroxun-edat(91).exe
C:\WINDOWS\system32\ahroxun-edat(92).exe
C:\WINDOWS\system32\ahroxun-edat(93).exe
C:\WINDOWS\system32\ahroxun-edat(94).exe
C:\WINDOWS\system32\ahroxun-edat(95).exe
C:\WINDOWS\system32\ahroxun-edat(96).exe
C:\WINDOWS\system32\ahroxun-edat(97).exe
C:\WINDOWS\system32\ahroxun-edat(98).exe
C:\WINDOWS\system32\ahroxun-edat(99).exe
C:\WINDOWS\yq.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Documents\Documents\My Music\AOL 9.0a\update.exe
C:\Documents and Settings\user\Application Data\tmp3.tmp
C:\Program Files\MSN Messenger\msimg32.dll
C:\WINDOWS\djb.exe
C:\WINDOWS\fseob.exe
C:\WINDOWS\md.exe
C:\WINDOWS\qdtkq.exe
C:\WINDOWS\system32\ahroxun-edat(10).exe
C:\WINDOWS\system32\ahroxun-edat(100).exe
C:\WINDOWS\system32\ahroxun-edat(101).exe
C:\WINDOWS\system32\ahroxun-edat(102).exe
C:\WINDOWS\system32\ahroxun-edat(103).exe
C:\WINDOWS\system32\ahroxun-edat(104).exe
C:\WINDOWS\system32\ahroxun-edat(105).exe
C:\WINDOWS\system32\ahroxun-edat(106).exe
C:\WINDOWS\system32\ahroxun-edat(107).exe
C:\WINDOWS\system32\ahroxun-edat(108).exe
C:\WINDOWS\system32\ahroxun-edat(109).exe
C:\WINDOWS\system32\ahroxun-edat(11).exe
C:\WINDOWS\system32\ahroxun-edat(110).exe
C:\WINDOWS\system32\ahroxun-edat(111).exe
C:\WINDOWS\system32\ahroxun-edat(112).exe
C:\WINDOWS\system32\ahroxun-edat(113).exe
C:\WINDOWS\system32\ahroxun-edat(114).exe
C:\WINDOWS\system32\ahroxun-edat(115).exe
C:\WINDOWS\system32\ahroxun-edat(116).exe
C:\WINDOWS\system32\ahroxun-edat(117).exe
C:\WINDOWS\system32\ahroxun-edat(118).exe
C:\WINDOWS\system32\ahroxun-edat(119).exe
C:\WINDOWS\system32\ahroxun-edat(12).exe
C:\WINDOWS\system32\ahroxun-edat(120).exe
C:\WINDOWS\system32\ahroxun-edat(121).exe
C:\WINDOWS\system32\ahroxun-edat(122).exe
C:\WINDOWS\system32\ahroxun-edat(123).exe
C:\WINDOWS\system32\ahroxun-edat(124).exe
C:\WINDOWS\system32\ahroxun-edat(125).exe
C:\WINDOWS\system32\ahroxun-edat(126).exe
C:\WINDOWS\system32\ahroxun-edat(127).exe
C:\WINDOWS\system32\ahroxun-edat(128).exe
C:\WINDOWS\system32\ahroxun-edat(129).exe
C:\WINDOWS\system32\ahroxun-edat(13).exe
C:\WINDOWS\system32\ahroxun-edat(130).exe
C:\WINDOWS\system32\ahroxun-edat(131).exe
C:\WINDOWS\system32\ahroxun-edat(132).exe
C:\WINDOWS\system32\ahroxun-edat(133).exe
C:\WINDOWS\system32\ahroxun-edat(134).exe
C:\WINDOWS\system32\ahroxun-edat(135).exe
C:\WINDOWS\system32\ahroxun-edat(136).exe
C:\WINDOWS\system32\ahroxun-edat(137).exe
C:\WINDOWS\system32\ahroxun-edat(138).exe
C:\WINDOWS\system32\ahroxun-edat(139).exe
C:\WINDOWS\system32\ahroxun-edat(14).exe
C:\WINDOWS\system32\ahroxun-edat(140).exe
C:\WINDOWS\system32\ahroxun-edat(141).exe
C:\WINDOWS\system32\ahroxun-edat(142).exe
C:\WINDOWS\system32\ahroxun-edat(143).exe
C:\WINDOWS\system32\ahroxun-edat(144).exe
C:\WINDOWS\system32\ahroxun-edat(145).exe
C:\WINDOWS\system32\ahroxun-edat(146).exe
C:\WINDOWS\system32\ahroxun-edat(147).exe
C:\WINDOWS\system32\ahroxun-edat(148).exe
C:\WINDOWS\system32\ahroxun-edat(149).exe
C:\WINDOWS\system32\ahroxun-edat(15).exe
C:\WINDOWS\system32\ahroxun-edat(150).exe
C:\WINDOWS\system32\ahroxun-edat(151).exe
C:\WINDOWS\system32\ahroxun-edat(152).exe
C:\WINDOWS\system32\ahroxun-edat(153).exe
C:\WINDOWS\system32\ahroxun-edat(154).exe
C:\WINDOWS\system32\ahroxun-edat(155).exe
C:\WINDOWS\system32\ahroxun-edat(156).exe
C:\WINDOWS\system32\ahroxun-edat(157).exe
C:\WINDOWS\system32\ahroxun-edat(158).exe
C:\WINDOWS\system32\ahroxun-edat(159).exe
C:\WINDOWS\system32\ahroxun-edat(16).exe
C:\WINDOWS\system32\ahroxun-edat(160).exe
C:\WINDOWS\system32\ahroxun-edat(161).exe
C:\WINDOWS\system32\ahroxun-edat(162).exe
C:\WINDOWS\system32\ahroxun-edat(163).exe
C:\WINDOWS\system32\ahroxun-edat(164).exe
C:\WINDOWS\system32\ahroxun-edat(165).exe
C:\WINDOWS\system32\ahroxun-edat(166).exe
C:\WINDOWS\system32\ahroxun-edat(167).exe
C:\WINDOWS\system32\ahroxun-edat(168).exe
C:\WINDOWS\system32\ahroxun-edat(169).exe
C:\WINDOWS\system32\ahroxun-edat(17).exe
C:\WINDOWS\system32\ahroxun-edat(170).exe
C:\WINDOWS\system32\ahroxun-edat(171).exe
C:\WINDOWS\system32\ahroxun-edat(172).exe
C:\WINDOWS\system32\ahroxun-edat(173).exe
C:\WINDOWS\system32\ahroxun-edat(174).exe
C:\WINDOWS\system32\ahroxun-edat(175).exe
C:\WINDOWS\system32\ahroxun-edat(176).exe
C:\WINDOWS\system32\ahroxun-edat(177).exe
C:\WINDOWS\system32\ahroxun-edat(178).exe
C:\WINDOWS\system32\ahroxun-edat(179).exe
C:\WINDOWS\system32\ahroxun-edat(18).exe
C:\WINDOWS\system32\ahroxun-edat(180).exe
C:\WINDOWS\system32\ahroxun-edat(181).exe
C:\WINDOWS\system32\ahroxun-edat(182).exe
C:\WINDOWS\system32\ahroxun-edat(183).exe
C:\WINDOWS\system32\ahroxun-edat(184).exe
C:\WINDOWS\system32\ahroxun-edat(185).exe
C:\WINDOWS\system32\ahroxun-edat(186).exe
C:\WINDOWS\system32\ahroxun-edat(187).exe
C:\WINDOWS\system32\ahroxun-edat(188).exe
C:\WINDOWS\system32\ahroxun-edat(189).exe
C:\WINDOWS\system32\ahroxun-edat(19).exe
C:\WINDOWS\system32\ahroxun-edat(190).exe
C:\WINDOWS\system32\ahroxun-edat(191).exe
C:\WINDOWS\system32\ahroxun-edat(192).exe
C:\WINDOWS\system32\ahroxun-edat(193).exe
C:\WINDOWS\system32\ahroxun-edat(194).exe
C:\WINDOWS\system32\ahroxun-edat(195).exe
C:\WINDOWS\system32\ahroxun-edat(196).exe
C:\WINDOWS\system32\ahroxun-edat(197).exe
C:\WINDOWS\system32\ahroxun-edat(198).exe
C:\WINDOWS\system32\ahroxun-edat(199).exe
C:\WINDOWS\system32\ahroxun-edat(2).exe
C:\WINDOWS\system32\ahroxun-edat(20).exe
C:\WINDOWS\system32\ahroxun-edat(200).exe
C:\WINDOWS\system32\ahroxun-edat(201).exe
C:\WINDOWS\system32\ahroxun-edat(202).exe
C:\WINDOWS\system32\ahroxun-edat(203).exe
C:\WINDOWS\system32\ahroxun-edat(204).exe
C:\WINDOWS\system32\ahroxun-edat(205).exe
C:\WINDOWS\system32\ahroxun-edat(206).exe
C:\WINDOWS\system32\ahroxun-edat(207).exe
C:\WINDOWS\system32\ahroxun-edat(208).exe
C:\WINDOWS\system32\ahroxun-edat(209).exe
C:\WINDOWS\system32\ahroxun-edat(21).exe
C:\WINDOWS\system32\ahroxun-edat(210).exe
C:\WINDOWS\system32\ahroxun-edat(211).exe
C:\WINDOWS\system32\ahroxun-edat(212).exe
C:\WINDOWS\system32\ahroxun-edat(213).exe
C:\WINDOWS\system32\ahroxun-edat(214).exe
C:\WINDOWS\system32\ahroxun-edat(215).exe
C:\WINDOWS\system32\ahroxun-edat(216).exe
C:\WINDOWS\system32\ahroxun-edat(217).exe
C:\WINDOWS\system32\ahroxun-edat(218).exe
C:\WINDOWS\system32\ahroxun-edat(219).exe
C:\WINDOWS\system32\ahroxun-edat(22).exe
C:\WINDOWS\system32\ahroxun-edat(220).exe
C:\WINDOWS\system32\ahroxun-edat(221).exe
C:\WINDOWS\system32\ahroxun-edat(222).exe
C:\WINDOWS\system32\ahroxun-edat(223).exe
C:\WINDOWS\system32\ahroxun-edat(224).exe
C:\WINDOWS\system32\ahroxun-edat(225).exe
C:\WINDOWS\system32\ahroxun-edat(226).exe
C:\WINDOWS\system32\ahroxun-edat(227).exe
C:\WINDOWS\system32\ahroxun-edat(228).exe
C:\WINDOWS\system32\ahroxun-edat(229).exe
C:\WINDOWS\system32\ahroxun-edat(23).exe
C:\WINDOWS\system32\ahroxun-edat(230).exe
C:\WINDOWS\system32\ahroxun-edat(231).exe
C:\WINDOWS\system32\ahroxun-edat(232).exe
C:\WINDOWS\system32\ahroxun-edat(233).exe
C:\WINDOWS\system32\ahroxun-edat(24).exe
C:\WINDOWS\system32\ahroxun-edat(25).exe
C:\WINDOWS\system32\ahroxun-edat(26).exe
C:\WINDOWS\system32\ahroxun-edat(27).exe
C:\WINDOWS\system32\ahroxun-edat(28).exe
C:\WINDOWS\system32\ahroxun-edat(29).exe
C:\WINDOWS\system32\ahroxun-edat(3).exe
C:\WINDOWS\system32\ahroxun-edat(30).exe
C:\WINDOWS\system32\ahroxun-edat(31).exe
C:\WINDOWS\system32\ahroxun-edat(32).exe
C:\WINDOWS\system32\ahroxun-edat(33).exe
C:\WINDOWS\system32\ahroxun-edat(34).exe
C:\WINDOWS\system32\ahroxun-edat(35).exe
C:\WINDOWS\system32\ahroxun-edat(36).exe
C:\WINDOWS\system32\ahroxun-edat(37).exe
C:\WINDOWS\system32\ahroxun-edat(38).exe
C:\WINDOWS\system32\ahroxun-edat(39).exe
C:\WINDOWS\system32\ahroxun-edat(4).exe
C:\WINDOWS\system32\ahroxun-edat(40).exe
C:\WINDOWS\system32\ahroxun-edat(41).exe
C:\WINDOWS\system32\ahroxun-edat(42).exe
C:\WINDOWS\system32\ahroxun-edat(43).exe
C:\WINDOWS\system32\ahroxun-edat(44).exe
C:\WINDOWS\system32\ahroxun-edat(45).exe
C:\WINDOWS\system32\ahroxun-edat(46).exe
C:\WINDOWS\system32\ahroxun-edat(47).exe
C:\WINDOWS\system32\ahroxun-edat(48).exe
C:\WINDOWS\system32\ahroxun-edat(49).exe
C:\WINDOWS\system32\ahroxun-edat(5).exe
C:\WINDOWS\system32\ahroxun-edat(50).exe
C:\WINDOWS\system32\ahroxun-edat(51).exe
C:\WINDOWS\system32\ahroxun-edat(52).exe
C:\WINDOWS\system32\ahroxun-edat(53).exe
C:\WINDOWS\system32\ahroxun-edat(54).exe
C:\WINDOWS\system32\ahroxun-edat(55).exe
C:\WINDOWS\system32\ahroxun-edat(56).exe
C:\WINDOWS\system32\ahroxun-edat(57).exe
C:\WINDOWS\system32\ahroxun-edat(58).exe
C:\WINDOWS\system32\ahroxun-edat(59).exe
C:\WINDOWS\system32\ahroxun-edat(6).exe
C:\WINDOWS\system32\ahroxun-edat(60).exe
C:\WINDOWS\system32\ahroxun-edat(61).exe
C:\WINDOWS\system32\ahroxun-edat(62).exe
C:\WINDOWS\system32\ahroxun-edat(63).exe
C:\WINDOWS\system32\ahroxun-edat(64).exe
C:\WINDOWS\system32\ahroxun-edat(65).exe
C:\WINDOWS\system32\ahroxun-edat(66).exe
C:\WINDOWS\system32\ahroxun-edat(67).exe
C:\WINDOWS\system32\ahroxun-edat(68).exe
C:\WINDOWS\system32\ahroxun-edat(69).exe
C:\WINDOWS\system32\ahroxun-edat(7).exe
C:\WINDOWS\system32\ahroxun-edat(70).exe
C:\WINDOWS\system32\ahroxun-edat(71).exe
C:\WINDOWS\system32\ahroxun-edat(72).exe
C:\WINDOWS\system32\ahroxun-edat(73).exe
C:\WINDOWS\system32\ahroxun-edat(74).exe
C:\WINDOWS\system32\ahroxun-edat(75).exe
C:\WINDOWS\system32\ahroxun-edat(76).exe
C:\WINDOWS\system32\ahroxun-edat(77).exe
C:\WINDOWS\system32\ahroxun-edat(78).exe
C:\WINDOWS\system32\ahroxun-edat(79).exe
C:\WINDOWS\system32\ahroxun-edat(8).exe
C:\WINDOWS\system32\ahroxun-edat(80).exe
C:\WINDOWS\system32\ahroxun-edat(81).exe
C:\WINDOWS\system32\ahroxun-edat(82).exe
C:\WINDOWS\system32\ahroxun-edat(83).exe
C:\WINDOWS\system32\ahroxun-edat(84).exe
C:\WINDOWS\system32\ahroxun-edat(85).exe
C:\WINDOWS\system32\ahroxun-edat(86).exe
C:\WINDOWS\system32\ahroxun-edat(87).exe
C:\WINDOWS\system32\ahroxun-edat(88).exe
C:\WINDOWS\system32\ahroxun-edat(89).exe
C:\WINDOWS\system32\ahroxun-edat(9).exe
C:\WINDOWS\system32\ahroxun-edat(90).exe
C:\WINDOWS\system32\ahroxun-edat(91).exe
C:\WINDOWS\system32\ahroxun-edat(92).exe
C:\WINDOWS\system32\ahroxun-edat(93).exe
C:\WINDOWS\system32\ahroxun-edat(94).exe
C:\WINDOWS\system32\ahroxun-edat(95).exe
C:\WINDOWS\system32\ahroxun-edat(96).exe
C:\WINDOWS\system32\ahroxun-edat(97).exe
C:\WINDOWS\system32\ahroxun-edat(98).exe
C:\WINDOWS\system32\ahroxun-edat(99).exe
C:\WINDOWS\yq.exe

.
((((((((((((((((((((((((( Files Created from 2007-12-15 to 2008-01-15 )))))))))))))))))))))))))))))))
.

2008-01-14 19:35 . 2008-01-14 19:35 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-14 19:35 . 2008-01-14 19:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-14 17:26 . 2008-01-14 21:24 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 17:26 . 2008-01-14 17:26 <DIR> d-------- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-01-14 17:26 . 2008-01-14 17:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 17:25 . 2008-01-14 17:25 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-14 12:22 . 2008-01-14 12:22 <DIR> d-------- C:\Program Files\Windows Live Favorites
2008-01-13 19:22 . 2008-01-13 19:22 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-01-10 04:28 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-01-10 04:27 . 2008-01-10 04:27 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-09 17:51 . 2008-01-09 17:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-09 17:51 . 2008-01-09 17:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-04 11:19 . 2008-01-05 10:09 1,309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03 . 2008-01-04 03:07 <DIR> d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:54 . 2004-08-03 23:10 78,464 --a------ C:\WINDOWS\system32\drivers\usbvideo.sys
2008-01-03 21:54 . 2004-08-03 23:10 78,464 --a--c--- C:\WINDOWS\system32\dllcache\usbvideo.sys
2008-01-03 21:54 . 2004-08-04 00:56 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
2008-01-03 21:54 . 2004-08-04 00:56 20,992 --a--c--- C:\WINDOWS\system32\dllcache\dshowext.ax
2008-01-03 21:51 . 2008-01-03 21:51 <DIR> d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:51 . 2005-02-23 14:58 11,776 --a------ C:\WINDOWS\system32\drivers\afc.sys
2008-01-03 21:50 . 2008-01-04 03:04 <DIR> d-------- C:\Program Files\ArcSoft
2008-01-03 02:32 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-03 02:32 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-03 02:32 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-03 02:32 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-03 02:32 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-03 02:32 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-12-31 21:26 . 2007-12-31 21:26 <DIR> d-------- C:\Program Files\Java
2007-12-31 21:26 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-26 10:52 . 2008-01-15 18:17 5,539,872 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-26 10:52 . 2008-01-15 16:53 65,780 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-26 10:44 . 2007-12-26 10:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-24 09:44 . 2007-12-24 09:44 <DIR> d-------- C:\Program Files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-15 18:14 --------- d-----w C:\Program Files\MSN Messenger
2008-01-14 12:23 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-01-14 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-13 19:13 --------- d-----w C:\Program Files\Windows Live
2008-01-10 03:40 1,447,936 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-01-10 02:42 67,777 ----a-w C:\Program Files\log malware.txt
2008-01-10 01:58 162 ---ha-w C:\Program Files\~$g malware.txt
2008-01-04 11:58 851,968 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-01-04 11:58 1,427,456 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-01-04 03:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 02:33 3,816 ----a-w C:\WINDOWS\system32\tmp.reg
2007-12-24 10:22 9,605 ----a-w C:\Program Files\hijackthis.log
2007-12-20 14:24 --------- d-----w C:\Program Files\Google
2007-11-21 21:10 --------- d-----w C:\Program Files\Driving Test Success Plus
2007-11-21 12:45 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-15 14:51 --------- d-----w C:\Documents and Settings\user\Application Data\PlayFirst
2007-11-14 16:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-11-14 16:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-11-09 13:46 401,720 ----a-w C:\Program Files\hijack.exe
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-18 11:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-07-17 01:51 123,461 ----a-w C:\Program Files\Common Files\Hewlett-Packard.zip
2007-07-05 00:27 1,708,148 ----a-w C:\Documents and Settings\All Users\Documents.zip
2007-06-06 02:21 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2007-05-08 11:08 31,248 ----a-w C:\Program Files\tmpreflt.sys
2007-05-08 11:08 252,128 ----a-w C:\Program Files\Tmfilter.sys
2007-05-08 11:08 197,648 ----a-w C:\Program Files\tmxpflt.sys
2007-05-08 11:08 1,051,456 ----a-w C:\Program Files\VsapiNT.sys
2007-03-23 12:57 132 ----a-w C:\Documents and Settings\user\Application Data\wklnhst.dat
2004-06-22 08:04 94,438 ------w C:\Program Files\hposcu08.inf
2004-06-22 08:04 9,777 ------w C:\Program Files\hpzipr13.inf
2004-06-22 08:04 9,773 ------w C:\Program Files\hpousc08.inf
2004-06-22 08:04 70,656 ------w C:\Program Files\msvcirt.dll
2004-06-22 08:04 7,579 ------w C:\Program Files\hpound08.inf
2004-06-22 08:04 66,431 ------w C:\Program Files\hpoprl04.dat
2004-06-22 08:04 65,420 ------w C:\Program Files\hpoprl05.dat
2004-06-22 08:04 65 ------w C:\Program Files\dxprl.dat
2004-06-22 08:04 6,704 ------w C:\Program Files\hpounp08.inf
2004-06-22 08:04 53,670 ------w C:\Program Files\hposcu08.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\hpzius13.cat
2004-06-22 08:04 52,349 ------w C:\Program Files\HPZius12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzist12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzipr13.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZipr12.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\hpzid413.cat
2004-06-22 08:04 51,467 ------w C:\Program Files\HPZid412.cat
2004-06-22 08:04 51,026 ------w C:\Program Files\HPOunp08.cat
2004-06-22 08:04 50,615 ------w C:\Program Files\hpzid412.inf
2004-06-22 08:04 5,538 ------w C:\Program Files\hpzist12.inf
2004-06-22 08:04 49,212 ------w C:\Program Files\hpzjvp01.dll
2004-06-22 08:04 458,752 ------w C:\Program Files\tls704d.dll
2004-06-22 08:04 447,400 ------w C:\Program Files\hpoprn08.cat
2004-06-22 08:04 442,425 ------w C:\Program Files\hpzjpp01.dll
2004-06-22 08:04 4,779 ------w C:\Program Files\hpoglu08.inf
2004-06-22 08:04 4,768 ------w C:\Program Files\hpoprl01.dat
2004-06-22 08:04 4,144 ------w C:\Program Files\hpousb08.inf
2004-06-22 08:04 4,132 ------w C:\Program Files\hpzist13.inf
2004-06-22 08:04 4,014 ------w C:\Program Files\hpoprl08.dat
2004-06-22 08:04 399 ------w C:\Program Files\hpzprl01.dat
2004-06-22 08:04 314 ------w C:\Program Files\hpqprl01.dat
2004-06-22 08:04 3,448 ------w C:\Program Files\hpohub08.inf
2004-06-22 08:04 297 ------w C:\Program Files\Readme.html
2004-06-22 08:04 290,873 ------w C:\Program Files\hpzjut01.dll
2004-06-22 08:04 28,722 ------w C:\Program Files\hpzjlog.dll
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzglu10.exe
2004-06-22 08:04 270,336 ------w C:\Program Files\hpzc3212.dll
2004-06-22 08:04 26,768 ------w C:\Program Files\usbhub.sys
2004-06-22 08:04 254,005 ------w C:\Program Files\msvcrt.dll
2004-06-22 08:04 22,636 ------w C:\Program Files\hpzid413.inf
2004-06-22 08:04 22,608 ------w C:\Program Files\usbprint.sys
2004-06-22 08:04 205 ------w C:\Program Files\hpzprl02.dat
2004-06-22 08:04 200,704 ------w C:\Program Files\hpzpnp10.dll
2004-06-22 08:04 20,168 ------w C:\Program Files\hpzius12.inf
2004-06-22 08:04 2,542 ------w C:\Program Files\hpoprl02.dat
2004-06-22 08:04 19,578 ------w C:\Program Files\hpoprl03.dat
2004-06-22 08:04 176,128 ------w C:\Program Files\hpzscr10.dll
2004-06-22 08:04 17,176 ------w C:\Program Files\hpomdl04.dat
2004-06-22 08:04 16,416 ------w C:\Program Files\HPZUCI12.DLL
2004-06-22 08:04 14,845 ------w C:\Program Files\hpoapd01.dat
2004-06-22 08:04 14,815 ------w C:\Program Files\hpzius13.inf
2004-06-22 08:04 137,124 ------w C:\Program Files\hpoprn08.inf
2004-06-22 08:04 12,922 ------w C:\Program Files\hpzipr12.inf
2004-06-22 08:04 12,288 ------w C:\Program Files\usbmon.dll
2004-06-22 08:04 1,980 ------w C:\Program Files\hpoprl07.dat
2004-06-22 08:04 1,479 ------w C:\Program Files\license.txt
2004-06-22 08:04 1,391 ------w C:\Program Files\readme.txt
2004-06-22 08:04 1,073,152 ------w C:\Program Files\Setup.exe
2004-03-17 17:13 1,028,368 ----a-w C:\Program Files\vbrun60sp6.exe
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052120070528\index.dat
2007-05-28 20:41 49,152 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052820070529\index.dat
2007-05-29 20:49 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007052920070530\index.dat
2007-05-30 19:12 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053020070531\index.dat
2007-05-31 19:38 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007053120070601\index.dat
2007-06-02 18:05 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007060220070603\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-01-03_ 2.42.04.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2000-08-31 08:00:00 163,328 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE
+ 2008-01-15 18:08:21 229,376 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000001\NTUSER.DAT
+ 2008-01-15 18:08:22 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000002\UsrClass.dat
+ 2008-01-15 18:08:22 233,472 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000003\NTUSER.DAT
+ 2008-01-15 18:08:22 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000004\UsrClass.dat
+ 2008-01-15 18:08:24 7,614,464 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000005\ntuser.dat
+ 2008-01-15 18:08:24 286,720 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\[u]0[/u]0000006\UsrClass.dat
- 2007-06-18 17:03:33 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
+ 2008-01-09 22:44:26 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81000000003}\SC_Reader.exe
+ 2008-01-14 17:26:31 29,696 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
+ 2008-01-14 17:26:31 18,944 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2008-01-14 17:26:31 65,024 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
- 1995-07-31 12:44:46 212,480 ----a-w C:\WINDOWS\PCDLIB32.DLL
+ 1995-08-01 04:44:46 212,480 ----a-w C:\WINDOWS\PCDLIB32.DLL
- 2006-08-17 12:28:27 721,920 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:26:56 721,920 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2005-05-24 12:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 15:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 15:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2007-10-11 14:12:48 1,468,968 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-01-03 13:50:20 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-01-02 18:21:36 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2006-10-24 12:30:20 412,160 ------w C:\WINDOWS\system32\photometadatahandler.dll
- 2007-11-08 02:37:00 6,723,468 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2008-01-13 19:17:10 703,520 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
- 2006-09-25 16:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2006-10-16 16:10:58 14,640 ------w C:\WINDOWS\system32\spmsg.dll
- 2006-09-25 16:58:48 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2006-10-16 16:10:58 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
- 2003-04-21 13:09:50 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
+ 2005-04-27 16:36:00 245,408 ----a-r C:\WINDOWS\system32\unicows.dll
+ 2006-10-24 12:30:06 716,288 ------w C:\WINDOWS\system32\WindowsCodecs.dll
+ 2006-10-24 12:29:50 352,256 ------w C:\WINDOWS\system32\WindowsCodecsExt.dll
+ 2006-10-24 12:30:00 276,992 ------w C:\WINDOWS\system32\WMPhoto.dll
- 2008-01-03 02:11:29 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
+ 2008-01-15 17:55:52 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 12:00 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 08:48 16208384 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 10:04 2879488 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-12 05:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 05:19 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 05:19 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [2007-03-22 17:54 1150976]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-22 08:05 172032]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [2005-04-25 05:00 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [2006-09-07 08:21 65536]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [2006-09-07 08:17 200704]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48 286720]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [2007-09-28 08:42 1393928]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-28 22:08 185632]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 12:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R3 TNET1130;802.11 WLAN;C:\WINDOWS\system32\DRIVERS\TNET1130.sys [2004-12-01 18:35]
S0 twvxlvwr;twvxlvwr;C:\WINDOWS\system32\drivers\gwytwpdy.sys []
S3 Intels51;Intel(R) 536EP V.92 Modem;C:\WINDOWS\system32\DRIVERS\Intels51.sys [2002-03-09 16:42]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm

.
Contents of the 'Scheduled Tasks' folder
"2008-01-15 16:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-01-15 16:04:16 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5DE7115-B5F8-42C9-8237-2669F45FD293}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-15 18:18:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-15 18:19:39
ComboFix-quarantined-files.txt 2008-01-15 18:19:32
ComboFix2.txt 2008-01-11 20:32:19
ComboFix3.txt 2008-01-10 03:48:34
ComboFix4.txt 2008-01-03 02:42:35
ComboFix5.txt 2007-11-19 04:43:07
.
2008-01-13 19:24:01 --- E O F ---

the zipped file you mentioned has nothing of importance in iit i think this is a duplication my husband keeps making with my files

also i don't know how to empty the quarantined files in trend micro
thanks
Jemma
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm
Advertisement
Register to Remove

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 18th, 2008, 4:58 pm

Hello jemma_79

Sorry For The delay I didn’t receive the e-mail notice I have sent a response To the Teachers They Will be back shortly

gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 20th, 2008, 2:02 pm

Hello

If there is nothing of importance in this zip file then It should also go
C:\Documents and Settings\All Users\Documents.zip (something inside of it is infected)

I am looking into how to empty your Quarantine folder for trend micro we will do this later
but I need to know what year and the full name of the program

This is a good time to clear your existing system restore points and establish a new clean restore point:
  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • Select the More options tab
  • Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.

:Clean temp files

Download and Run AFT Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache

*The other boxes are optional*
Then click the Empty Selected button.

if you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

if you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program

I know the Kaspersky scan takes awhile but so far this is the only thing that has detecked your viruses on this computer and I want to make sure we get it all

:Run Kaspersky Online AV Scanner:

Order to use it you have to use Internet Explorer.
Go to Kaspersky and click the Accept button at the end of the page.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
  • Read the Requirements and limitations before you click Accept.
  • Allow the ActiveX download if necessary.
  • Once the database has downloaded, click Next.
  • Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
  • Click on "My Computer"
  • When the scan has completed, click Save Report As...
  • Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
  • Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.





send me the log from kasperesky
and a new log from hijackthis

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 22nd, 2008, 10:29 pm

hi sending the requested logs
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, January 23, 2008 12:49:33 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 22/01/2008
Kaspersky Anti-Virus database records: 527321
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 55987
Number of viruses found: 10
Number of infected objects: 1542
Number of suspicious objects: 0
Duration of the scan process: 01:28:49

Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\20071121205224\backup\WINDOWS\Downloaded Program Files\popcaploader.dll Infected: not-a-virus:Downloader.Win32.PopCap.a skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\APP10400.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\Apps.Lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\main.idx Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\sap.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\spool.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\STYLE.LST Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\sysnews.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\idb\Toolbar.lst Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\organize\CACHE\grainis00 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\organize\grainisss Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\organize\grainisss.abi Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\organize\grainisss.aby Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\ShopAssist\DataStore\global\clientcache.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\Ca_AOL 9.0\ShopAssist\DataStore\users\Grainisss.adb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\stderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\storage\stdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476/packed Infected: Exploit.Win32.IMG-ANI.ak skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476 GZIP: infected - 1 skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\123[1].htm.bac_a02476 CryptFF.b: infected - 1 skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\640178de-1b7bdbd3.bac_a02124 Infected: Exploit.Java.Gimsh.a skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a00304 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a00408 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02140 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll.bac_a03820 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\atpakib-deas.dll㴘ਲ਼.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\do.exe.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ibm00005.dll.bac_a02124 Infected: Trojan-PSW.Win32.Sinowal.m skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\java.class-4ef464a-1f63b88d.class.bac_a02124 Infected: Exploit.Java.Gimsh.a skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a02476 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\ouxtikeah.dll.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(10).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(11).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(12).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(13).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(14).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(15).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(16).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(17).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(18).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(19).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(2).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(20).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(21).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(22).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(23).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(24).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(25).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(26).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(27).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(28).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(29).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(3).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(30).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(31).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(32).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(33).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(34).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(35).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(36).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(37).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(38).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(39).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(4).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(40).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(41).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(42).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(43).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(44).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(45).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(46).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(47).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(5).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(6).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(7).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(8).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot(9).exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a02124 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a03820 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\udsacoot.exe.bac_a03944 Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Documents and Settings\user\.housecall6.6\Quarantine\win32[1].exe.bac_a02476 Infected: Email-Worm.Win32.Zhelatin.da skipped
C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped
C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\user\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\ntuser.dat Object is locked skipped
C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Common Files\AOL\ACS\UK\static Object is locked skipped
C:\Program Files\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\100.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\101.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\102.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\103.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\104.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\105.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\106.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\107.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\108.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\109.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\10F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\110.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\111.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\112.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\113.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\114.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\115.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\116.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\117.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\118.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\119.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\11F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\120.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\121.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\122.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\123.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\124.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\125.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\126.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\127.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\128.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\129.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\12F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\130.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\131.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\132.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\133.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\134.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\135.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\136.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\137.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\138.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\139.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\13F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\140.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\141.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\142.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\143.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\144.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\145.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\146.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\147.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\148.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\149.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\14F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\150.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\151.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\152.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\153.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\154.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\155.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\156.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\157.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\158.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\159.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\15F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\160.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\161.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\162.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\163.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\164.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\165.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\166.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\167.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\168.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\169.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\16F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\170.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\171.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\172.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\173.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\174.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\175.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\176.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\177.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\178.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\179.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\17F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\180.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\181.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\182.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\183.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\184.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\185.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\186.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\187.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\188.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\189.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\18F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\190.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\191.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\192.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\193.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\194.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\195.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\196.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\197.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\198.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\199.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\19F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D8.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DA.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\1FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\200.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\201.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\202.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\203.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\204.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\205.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\206.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\207.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\208.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\209.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\20F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\210.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\211.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\212.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\213.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\214.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\215.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\216.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\217.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\218.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\219.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\21F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\220.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\221.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\222.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\223.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\224.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\225.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\226.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\227.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\228.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\229.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\22F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\230.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\231.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\232.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\233.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\234.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\235.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\236.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\237.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\238.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\239.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\23F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\240.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\241.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\242.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\243.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\244.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\245.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\246.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\247.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\248.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\249.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\24F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\250.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\251.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\252.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\253.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\254.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\255.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\256.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\257.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\258.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\259.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\25F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\260.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\261.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\262.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\263.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\264.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\265.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\266.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\267.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\268.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\269.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\26F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\270.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\271.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\272.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\273.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\274.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\275.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\276.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\277.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\278.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\279.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\27F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\280.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\281.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\282.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\283.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\284.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\285.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\286.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\287.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\288.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\289.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\28F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\290.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\291.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\292.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\293.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\294.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\295.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\296.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\297.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\298.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\299.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\29F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\2FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\300.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\301.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\302.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\303.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\304.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\305.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\306.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\307.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\308.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\309.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\30F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\310.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\311.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\312.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\313.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\314.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\315.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\316.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\317.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\318.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\319.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\31F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\320.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\321.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\322.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\323.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\324.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\325.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\326.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\327.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\328.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\329.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\32F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\330.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\331.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\332.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\333.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\334.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\335.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\336.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\337.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\338.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\339.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\33F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\340.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\341.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\342.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\343.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\344.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\345.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\346.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\347.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\348.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\349.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\34F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\350.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\351.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\352.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\353.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\354.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\355.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\356.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\357.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\358.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\359.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\35F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\360.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\361.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\362.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\363.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\364.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\365.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\366.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\367.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\368.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\369.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\36F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\370.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\371.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\372.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\373.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\374.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\375.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\376.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\377.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\378.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\379.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\37F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\380.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\381.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\382.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\383.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\384.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\385.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\386.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\387.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\388.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\389.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\38F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\390.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\391.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\392.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\393.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\394.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\395.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\396.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\397.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\398.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\399.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\39F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\3FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\400.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\401.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\402.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\403.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\404.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\405.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\406.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\407.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\408.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\409.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\40F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\410.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\411.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\412.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\413.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\414.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\415.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\416.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\417.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\418.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\419.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\41F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\420.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\421.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\422.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\423.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\424.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\425.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\426.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\427.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\428.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\429.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\42F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\430.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\431.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\432.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\433.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\434.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\435.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\436.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\437.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\438.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\439.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\43F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\440.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\441.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\442.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\443.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\444.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\445.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\446.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\447.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\448.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\449.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\44F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\450.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\451.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\452.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\453.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\454.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\455.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\456.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\457.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\458.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\459.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\45F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\460.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\461.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\462.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\463.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\464.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\465.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\466.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\467.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\468.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\469.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\46F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\470.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\471.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\472.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\473.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\474.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\475.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\476.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\477.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\478.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\479.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\47F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\480.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\481.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\482.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\483.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\484.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\485.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\486.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\487.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\488.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\489.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\48C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\49.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\495.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\496.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\497.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\498.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\49B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\4F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ahroxun-edat.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/atpakib-deas.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ekvakuh-easac.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/udsacoot.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp/ouxtikeah.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp ZIP: infected - 5 skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5.tmp CryptFF.b: infected - 5 skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\50.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\51.tmp Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\52.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\53.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\54.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\55.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\56.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\57.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\58.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\59.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\5F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\60.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\61.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\62.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\63.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\64.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\65.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\66.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\67.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\68.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\69.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\6F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\70.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\71.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\72.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\73.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\74.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\75.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\76.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\77.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\78.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\79.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\7F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\80.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\81.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\82.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\83.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\84.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\85.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\86.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\87.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\88.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\89.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\8F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\90.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\91.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\92.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\93.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\94.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\95.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\96.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\97.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\98.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\99.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\9F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0233312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0234312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0235312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0236312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0237312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0238312.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0266461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0267460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0268460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0269460.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0270461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0271461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0272461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273461.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273542.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273579.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273598.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273614.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273632.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273648.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273665.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273683.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273958.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0273975.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274003.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274025.exe Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A0274045.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\A9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\AF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\B9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\BF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\C9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\CF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\D9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\DF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\E9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\ED.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\EF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F0.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F1.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F2.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F3.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F4.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F5.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F6.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F7.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F8.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\F9.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FA.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FB.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FC.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FD.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FE.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\FF.tmp Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\Program Files\Trend Micro\Internet Security\Quarantine\ouxtikeah.dll Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\Documents and Settings\All Users\Documents\Documents\My Music\AOL 9.0a\update.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\qoobox\Quarantine\C\Documents and Settings\user\Application Data\tmp3.tmp.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\Program Files\MSN Messenger\msimg32.dll.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\qoobox\Quarantine\C\WINDOWS\djb.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\qoobox\Quarantine\C\WINDOWS\fseob.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\qoobox\Quarantine\C\WINDOWS\md.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\qoobox\Quarantine\C\WINDOWS\qdtkq.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(10).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(100).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(101).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(102).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(103).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(104).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(105).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(106).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(107).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(108).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(109).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(11).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(110).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(111).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(112).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(113).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(114).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(115).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(116).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(117).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(118).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(119).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(12).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(120).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(121).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(122).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(123).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(124).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(125).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(126).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(127).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(128).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(129).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(13).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(130).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(131).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(132).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(133).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(134).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(135).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(136).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(137).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(138).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(139).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(14).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(140).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(141).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(142).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(143).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(144).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(145).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(146).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(147).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(148).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(149).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(15).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(150).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(151).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(152).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(153).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(154).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(155).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(156).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(157).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(158).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(159).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(16).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(160).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(161).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(162).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(163).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(164).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(165).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(166).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(167).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(168).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(169).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(17).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(170).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(171).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(172).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(173).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(174).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(175).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(176).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(177).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(178).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(179).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(18).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(180).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(181).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(182).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(183).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(184).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(185).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(186).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(187).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(188).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(189).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(19).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(190).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(191).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(192).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(193).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(194).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(195).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(196).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(197).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(198).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(199).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(2).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(20).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(200).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(201).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(202).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(203).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(204).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(205).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(206).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(207).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(208).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(209).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(21).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(210).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(211).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(212).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(213).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(214).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(215).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(216).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(217).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(218).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(219).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(22).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(220).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(221).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(222).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(223).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(224).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(225).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(226).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(227).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(228).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(229).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(23).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(230).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(231).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(232).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(233).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(24).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(25).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(26).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(27).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(28).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(29).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(3).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(30).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(31).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(32).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(33).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(34).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(35).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(36).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(37).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(38).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(39).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(4).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(40).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(41).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(42).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(43).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(44).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(45).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(46).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(47).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(48).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(49).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(5).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(50).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(51).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(52).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(53).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(54).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(55).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(56).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(57).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(58).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(59).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(6).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(60).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(61).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(62).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(63).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(64).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(65).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(66).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(67).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(68).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(69).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(7).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(70).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(71).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(72).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(73).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(74).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(75).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(76).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(77).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(78).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(79).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(8).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(80).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(81).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(82).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(83).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(84).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(85).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(86).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(87).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(88).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(89).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(9).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(90).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(91).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(92).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(93).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(94).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(95).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(96).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(97).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(98).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\system32\ahroxun-edat(99).exe.vir Infected: Trojan-Downloader.Win32.Agent.apd skipped
C:\qoobox\Quarantine\C\WINDOWS\yq.exe.vir Infected: Trojan-Downloader.Win32.Small.eig skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{53CE54E8-1E1D-479D-AF11-C2B05BCF2CC5}\RP458\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\HOME2.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\WINDOWS\system\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.dat Object is locked skipped
C:\WINDOWS\system32\drivers\fidbox.idx Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SHD Object is locked skipped
C:\WINDOWS\system32\spool\PRINTERS\FP00000.SPL Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\ZLT03835.TMP Object is locked skipped
C:\WINDOWS\TEMP\ZLT03838.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:21:12, on 23/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\hijack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... 586-jc.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CD0129B-9611-4CD1-AB87-D1914DBB4CD8}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CD0129B-9611-4CD1-AB87-D1914DBB4CD8}: NameServer = 205.188.146.145
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9819 bytes

thankyou
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 23rd, 2008, 10:00 pm

hello

the logs are looking alot better the only things I see are in the quarantined files

first it looks like you have two firewalls going now
one from trend micro and one from zonealarm

I would like you to uninstall the one from zonealarm

:uninstall some programs:

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add remove programs
click on the following programs
ZoneAlarm
and click on remove

now to clean out the quarantined files

To clean the quarantined files, do the following:
  • 1 Open the Trend Micro AntiVirus plus AntiSpyware main console by doing any of the following:
    • Click Start > Programs or All Programs > Trend Micro Anti Virus
    • Double-click the Trend Micro AntiVirus plus AntiSpyware icon on the lower right corner of your screen.
  • 2. Click Virus & Spyware Controls on the left panel.
  • 3. Click Quarantine on the right panel.
  • 4. Click Examine Quarantined Files. This opens the Quarantine Area window.
  • 5. Click Delete All to permanently delete all the items in the list.
  • 7. Click Close.
  • 8. Close the Trend Micro AntiVirus plus AntiSpyware main console....

or it is this way
1. Open PC-cillin Internet Security by double-clicking on the PC-cillin icon on the taskbar. You can also click Start >Programs >Trend Micro Antivirus >Trend Micro Antivirus.
2. Click on System >Quarantine.
3. Click on the file you want to delete and click the Delete button.
If you want to delete all files in the quarantine folder, click on Delete All.

Delete files and folders

now I want to get rid of this folder

I need you to right click on the start button
click on explore and navegate to and delete these files or folders (if present)

C:\Documents and Settings\user\.housecall6.6\ Quarantine<---this folder

now empty the recycle bin

: Recovery Console :

we need to install the Recovery Console on this computer
this is very important it could save you later

Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System

Image

the one for you is Windows XP Service Pack 2 (SP2)

Download the file & save it as it's originally named, next to ComboFix.exe.



Image


Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.




## Important ##
This is a precautionary measure. Please do not reboot the machine until we have reviewed the log & responded to you.




send me the log from combofix it will be here C:\CF-RC.txt
and a new log from hijackthis

gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 24th, 2008, 1:48 pm

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=5
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:24, on 24/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... 586-jc.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CD0129B-9611-4CD1-AB87-D1914DBB4CD8}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CD0129B-9611-4CD1-AB87-D1914DBB4CD8}: NameServer = 205.188.146.145
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 9729 bytes
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 25th, 2008, 12:28 am

hello jemma_79

now I need to know how the computer is doing and let me know of any problems you may be having
are you still having problems going into safe mode?

:disable SUPERAntiSpyware:
  • Please disable SuperAntispyware as it can interfere with the fix
  • Right-click on the shortcut from the system tray,
  • choose View Control Center (preferences/options),
  • on the General and Startup tab,
  • uncheck, Start SUPERAntispyware when Windows starts,
  • click Close to exit.
  • you can renable it after the fixes

:uninstall some programs:

1. click on start
2. then go to settings
3. after that you need control panel
4. look for the icon add remove programs
click on the following programs
Java(TM) 6 Update 3
and click on remove

: Update Java :

Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to update.
  • Download the latest version of Java(TM) SE Runtime Environment 6u4.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on the download to install the newest version.

: Remove bad HijackThis entries
  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
      O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

Delete files and folders
I need you to right click on the start button
click on explore and navegate to and delete this folder (if present)

C:\Program Files\PartyGaming<---this folder

-

in you next reply let me know about any problems
and a new log from hijackthis


Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 25th, 2008, 5:45 pm

hi i am still unable to start in safe mode computer seems to be running a little better i was unable to find the file party gaming
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:18, on 25/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8574 bytes

during start up after the beep i am given 2 options to either start windows normally or to start windows recovery ?
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 26th, 2008, 6:00 pm

hello jemma_79
hi i am still unable to start in safe mode

let me check some settings

: Download and Run DSS :

Download Deckard's System Scanner (DSS) to your Desktop. You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<- this one will be minimized.
  • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your reply.




send me the log from DSS

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 27th, 2008, 9:44 am

Deckard's System Scanner v20071014.68
Run by user on 2008-01-27 13:26:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:32, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Common Files\AOL\1201307382\ee\aolsoftware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\user\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8881 bytes

-- Files created between 2007-12-27 and 2008-01-27 -----------------------------

2008-01-26 10:10:20 0 d-------- C:\Program Files\Windows Live Toolbar
2008-01-26 02:30:49 0 dr-h----- C:\Documents and Settings\user\Recent
2008-01-25 20:55:36 0 d-------- C:\Program Files\Java
2008-01-24 17:58:28 0 d-------- C:\Graphs
2008-01-24 17:29:10 0 d-------- C:\cmdcons
2008-01-23 23:52:58 0 d-------- C:\Program Files\AOL Companion
2008-01-23 23:51:36 153088 --a------ C:\WINDOWS\system32\jgdwmie.dll <Not Verified; America Online; JG Decoder>
2008-01-23 23:50:59 0 d-------- C:\Program Files\Common Files\aolshare
2008-01-23 23:50:55 0 d-------- C:\Program Files\AOL 9.0
2008-01-20 19:47:32 7864320 --a------ C:\Documents and Settings\user\ntuser.dat
2008-01-14 19:35:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-14 19:35:30 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-14 17:26:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 17:26:26 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 17:26:26 0 d-------- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-01-14 17:25:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 04:27:50 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-04 11:19:41 1309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03:27 0 d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:51:16 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
2008-01-03 21:51:16 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:50:50 0 d-------- C:\Program Files\ArcSoft
2008-01-03 11:48:18 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2008-01-03 02:32:31 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-03 02:32:31 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-03 02:32:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-03 02:32:31 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-01-03 02:32:31 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-03 02:32:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe


-- Find3M Report ---------------------------------------------------------------

2008-01-27 12:06:54 0 d-------- C:\Program Files\SilverCreekCommonFiles
2008-01-27 12:06:54 0 d-------- C:\Program Files\Hardwood Spades
2008-01-26 21:30:24 0 d-------- C:\Program Files\Windows Live
2008-01-26 18:47:30 0 d-------- C:\Program Files\Yahoo!
2008-01-26 18:47:27 0 d-------- C:\Program Files\Common Files
2008-01-26 18:47:26 0 d-------- C:\Program Files\Common Files\AOL
2008-01-24 11:36:15 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-23 02:21:12 9820 --a------ C:\Program Files\hijackthis.log
2008-01-21 01:45:40 0 d-------- C:\Program Files\EnglishHarbourCasino
2008-01-17 14:54:09 0 d-------- C:\Documents and Settings\user\Application Data\AOL
2008-01-15 18:14:35 0 d-------- C:\Program Files\MSN Messenger
2008-01-10 02:42:02 67777 --a------ C:\Program Files\log malware.txt
2008-01-10 01:58:34 162 --ah----- C:\Program Files\~$g malware.txt
2008-01-04 03:04:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-03 13:53:48 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-01-03 02:33:01 3816 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 09:44:06 0 d-------- C:\Program Files\CCleaner


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [01/06/2006 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [16/05/2006 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 05:19]
"nwiz"="nwiz.exe" [12/07/2006 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [22/03/2007 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [22/06/2004 08:05]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [25/04/2005 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [07/09/2006 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [07/09/2006 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [10/06/2004 12:48]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [28/09/2007 08:42]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 22:46]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [23/10/2006 12:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42]
"HostManager"="C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe" [08/10/2007 21:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 12:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [26/01/2008 21:38]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 14:06]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AOL 9.0 Tray Icon.lnk - C:\Program Files\AOL 9.0\aoltray.exe [23/01/2008 23:51:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm




-- End of Deckard's System Scanner: finished at 2008-01-27 13:27:18 ------------
this is the only page the sytem scanner brought up
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 27th, 2008, 9:46 am

Deckard's System Scanner v20071014.68
Run by user on 2008-01-27 13:26:30
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:32, on 27/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Common Files\AOL\1201307382\ee\aolsoftware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\user\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8881 bytes

-- Files created between 2007-12-27 and 2008-01-27 -----------------------------

2008-01-26 10:10:20 0 d-------- C:\Program Files\Windows Live Toolbar
2008-01-26 02:30:49 0 dr-h----- C:\Documents and Settings\user\Recent
2008-01-25 20:55:36 0 d-------- C:\Program Files\Java
2008-01-24 17:58:28 0 d-------- C:\Graphs
2008-01-24 17:29:10 0 d-------- C:\cmdcons
2008-01-23 23:52:58 0 d-------- C:\Program Files\AOL Companion
2008-01-23 23:51:36 153088 --a------ C:\WINDOWS\system32\jgdwmie.dll <Not Verified; America Online; JG Decoder>
2008-01-23 23:50:59 0 d-------- C:\Program Files\Common Files\aolshare
2008-01-23 23:50:55 0 d-------- C:\Program Files\AOL 9.0
2008-01-20 19:47:32 7864320 --a------ C:\Documents and Settings\user\ntuser.dat
2008-01-14 19:35:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-14 19:35:30 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-14 17:26:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 17:26:26 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 17:26:26 0 d-------- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-01-14 17:25:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 04:27:50 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-04 11:19:41 1309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03:27 0 d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:51:16 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
2008-01-03 21:51:16 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:50:50 0 d-------- C:\Program Files\ArcSoft
2008-01-03 11:48:18 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2008-01-03 02:32:31 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-03 02:32:31 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-03 02:32:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-03 02:32:31 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-01-03 02:32:31 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-03 02:32:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe


-- Find3M Report ---------------------------------------------------------------

2008-01-27 12:06:54 0 d-------- C:\Program Files\SilverCreekCommonFiles
2008-01-27 12:06:54 0 d-------- C:\Program Files\Hardwood Spades
2008-01-26 21:30:24 0 d-------- C:\Program Files\Windows Live
2008-01-26 18:47:30 0 d-------- C:\Program Files\Yahoo!
2008-01-26 18:47:27 0 d-------- C:\Program Files\Common Files
2008-01-26 18:47:26 0 d-------- C:\Program Files\Common Files\AOL
2008-01-24 11:36:15 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-23 02:21:12 9820 --a------ C:\Program Files\hijackthis.log
2008-01-21 01:45:40 0 d-------- C:\Program Files\EnglishHarbourCasino
2008-01-17 14:54:09 0 d-------- C:\Documents and Settings\user\Application Data\AOL
2008-01-15 18:14:35 0 d-------- C:\Program Files\MSN Messenger
2008-01-10 02:42:02 67777 --a------ C:\Program Files\log malware.txt
2008-01-10 01:58:34 162 --ah----- C:\Program Files\~$g malware.txt
2008-01-04 03:04:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-03 13:53:48 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-01-03 02:33:01 3816 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 09:44:06 0 d-------- C:\Program Files\CCleaner


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [01/06/2006 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [16/05/2006 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 05:19]
"nwiz"="nwiz.exe" [12/07/2006 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [22/03/2007 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [22/06/2004 08:05]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [25/04/2005 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [07/09/2006 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [07/09/2006 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [10/06/2004 12:48]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [28/09/2007 08:42]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 22:46]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [23/10/2006 12:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42]
"HostManager"="C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe" [08/10/2007 21:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 12:00]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [26/01/2008 21:38]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 14:06]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AOL 9.0 Tray Icon.lnk - C:\Program Files\AOL 9.0\aoltray.exe [23/01/2008 23:51:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm




-- End of Deckard's System Scanner: finished at 2008-01-27 13:27:18 ------------
this is the only page the sytem scanner brought up
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 27th, 2008, 9:50 am

hello jemma_79

you can find the other report here

C:\Deckard\System Scanner\extra.txt

that is the one I need the most right now


Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 29th, 2008, 6:14 pm

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Sempron(tm) Processor 3000+
Percentage of Memory in Use: 59%
Physical Memory (total/avail): 959.23 MiB / 386.7 MiB
Pagefile Memory (total/avail): 2315.38 MiB / 1800.32 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1943.65 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 149.04 GiB total, 129.25 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6V160E0 - 149.05 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 149.04 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.
AntivirusOverride is set.

FW: Trend Micro Personal Firewall v5.0 (Trend Micro Inc.)
AV: Trend Micro Internet Security v16.00.1449 ()

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1180556939\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1180556939\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1180556939\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1180556939\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Common Files\\AOL\\1180968173\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1180968173\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1180968173\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1180968173\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\system32\\ekvakuh-easac.exe"="C:\\WINDOWS\\system32\\ekvakuh-easac.exe:*:Enabled:Windows Internet Access"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\user\Application Data
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=HOME2
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\user
LOGONSERVER=\\HOME2
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\user\LOCALS~1\Temp
TMP=C:\DOCUME~1\user\LOCALS~1\Temp
USERDOMAIN=HOME2
USERNAME=user
USERPROFILE=C:\Documents and Settings\user
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

user [I](admin)[/I]
Administrator [I](new local, admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2X-Office 7.72 --> C:\Program Files\A4Tech\Mouse\Uninst32.exe
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
ebgcInfra --> MsiExec.exe /X{39B1BD87-561E-4762-AED9-7C5213B06C24}
ebgcRes --> MsiExec.exe /X{5380B111-5047-413D-A6E5-70D69391D08E}
ebgcSDK --> MsiExec.exe /X{13AD768A-9E04-499D-AE80-967A65DCCBA5}
EnglishHarbourCasino --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3F1BAF0-ABA2-11D5-B8F7-00010323AB2C}\Setup.exe" -l0x9 -uninst
EPSON Attach To Email --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Easy Photo Print --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27F650A9-6FAB-41C8-8621-92FF0118B0C4}\SETUP.EXE" -l0x9 UNINST
EPSON File Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x9 UNINST
EPSON Printer Software --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan Assistant --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
EPSON Web-To-Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x9 -anything
ESPR240 User's Guide --> C:\Program Files\EPSON\TPMANUAL\ESPR240\USE_G\DOCUNINS.EXE
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Hardwood Spades --> C:\Program Files\Hardwood Spades\Spades.exe -Uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\25VYQZKR\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iKeyWorks 7.72 --> C:\Program Files\A4Tech\Keyboard\Uninst32.exe
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Trend Micro Internet Security --> C:\Program Files\Trend Micro\Internet Security\remove.exe
Trend Micro Internet Security --> MsiExec.exe /X{A621B45A-D138-4A95-BE10-7CABA05EF94E}
Ultra soft --> C:\Documents and Settings\user\Application Data\ultra\uninstall.bat
VideoCAM Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{862546CA-19C6-4D42-A6EB-352820682FA3}\Setup.exe" -l0x9
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Live installer --> MsiExec.exe /X{7BC43F11-02C8-45FA-ABDC-E2F9FF31F825}
Windows Live Messenger --> MsiExec.exe /X{33F8EAD4-B6EC-498B-B487-696B973D1C0C}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{CB5EA99C-8A5B-49F2-9A1A-2EF78BE4DB41}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Wireless LAN Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07DEC7A1-F8D2-4DBB-900B-A2F9302647BB}\Setup.exe" -l0x9


-- Application Event Log -------------------------------------------------------

Event Record #/Type3746 / Success
Event Submitted/Written: 11/12/2007 10:24:05 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type3730 / Success
Event Submitted/Written: 11/12/2007 08:15:20 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type3726 / Warning
Event Submitted/Written: 11/12/2007 01:26:19 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type3716 / Warning
Event Submitted/Written: 11/12/2007 00:04:45 AM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type3715 / Warning
Event Submitted/Written: 11/12/2007 00:02:36 AM
Event ID/Source: 63 / WinMgmt
Event Description:
A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type158 / Error
Event Submitted/Written: 11/12/2007 11:17:20 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {0002DF01-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Event Record #/Type129 / Error
Event Submitted/Written: 11/12/2007 10:58:32 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The NtmlSvc service terminated with the following error:
%%126

Event Record #/Type100 / Error
Event Submitted/Written: 11/12/2007 10:47:20 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The NtmlSvc service terminated with the following error:
%%126

Event Record #/Type75 / Error
Event Submitted/Written: 11/12/2007 10:32:01 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The NtmlSvc service terminated with the following error:
%%126

Event Record #/Type70 / Warning
Event Submitted/Written: 11/12/2007 10:31:59 PM
Event ID/Source: 2504 / Server
Event Description:
The server could not bind to the transport \Device\NetBT_Tcpip_{5C1FE956-4C46-4B88-BAEC-4F257DF18246}.



-- End of Deckard's System Scanner: finished at 2007-11-13 00:02:40 ------------

Deckard's System Scanner v20071014.68
Run by user on 2008-01-29 21:40:11
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:14, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Documents and Settings\user\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8850 bytes

-- Files created between 2007-12-29 and 2008-01-29 -----------------------------

2008-01-27 19:23:08 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-01-26 10:10:20 0 d-------- C:\Program Files\Windows Live Toolbar
2008-01-26 02:30:49 0 dr-h----- C:\Documents and Settings\user\Recent
2008-01-25 20:55:36 0 d-------- C:\Program Files\Java
2008-01-24 17:58:28 0 d-------- C:\Graphs
2008-01-24 17:29:10 0 d-------- C:\cmdcons
2008-01-23 23:52:58 0 d-------- C:\Program Files\AOL Companion
2008-01-23 23:51:36 153088 --a------ C:\WINDOWS\system32\jgdwmie.dll <Not Verified; America Online; JG Decoder>
2008-01-23 23:50:59 0 d-------- C:\Program Files\Common Files\aolshare
2008-01-23 23:50:55 0 d-------- C:\Program Files\AOL 9.0
2008-01-20 19:47:32 7864320 --a------ C:\Documents and Settings\user\ntuser.dat
2008-01-14 19:35:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-14 19:35:30 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-14 17:26:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 17:26:26 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 17:26:26 0 d-------- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-01-14 17:25:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 04:27:50 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-04 11:19:41 1309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03:27 0 d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:51:16 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
2008-01-03 21:51:16 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:50:50 0 d-------- C:\Program Files\ArcSoft
2008-01-03 11:48:18 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2008-01-03 02:32:31 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-03 02:32:31 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-03 02:32:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-03 02:32:31 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-01-03 02:32:31 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-03 02:32:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe


-- Find3M Report ---------------------------------------------------------------

2008-01-27 19:22:39 0 d-------- C:\Program Files\MSECache
2008-01-27 12:06:54 0 d-------- C:\Program Files\SilverCreekCommonFiles
2008-01-27 12:06:54 0 d-------- C:\Program Files\Hardwood Spades
2008-01-26 21:30:24 0 d-------- C:\Program Files\Windows Live
2008-01-26 18:47:30 0 d-------- C:\Program Files\Yahoo!
2008-01-26 18:47:27 0 d-------- C:\Program Files\Common Files
2008-01-26 18:47:26 0 d-------- C:\Program Files\Common Files\AOL
2008-01-24 11:36:15 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-23 02:21:12 9820 --a------ C:\Program Files\hijackthis.log
2008-01-21 01:45:40 0 d-------- C:\Program Files\EnglishHarbourCasino
2008-01-17 14:54:09 0 d-------- C:\Documents and Settings\user\Application Data\AOL
2008-01-15 18:14:35 0 d-------- C:\Program Files\MSN Messenger
2008-01-10 02:42:02 67777 --a------ C:\Program Files\log malware.txt
2008-01-10 01:58:34 162 --ah----- C:\Program Files\~$g malware.txt
2008-01-04 03:04:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-03 13:53:48 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-01-03 02:33:01 3816 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 09:44:06 0 d-------- C:\Program Files\CCleaner


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [01/06/2006 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [16/05/2006 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 05:19]
"nwiz"="nwiz.exe" [12/07/2006 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [22/03/2007 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [22/06/2004 08:05]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [25/04/2005 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [07/09/2006 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [07/09/2006 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [10/06/2004 12:48]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [28/09/2007 08:42]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 22:46]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [23/10/2006 12:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42]
"HostManager"="C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe" [08/10/2007 21:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 12:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 14:06]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [26/01/2008 21:38]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AOL 9.0 Tray Icon.lnk - C:\Program Files\AOL 9.0\aoltray.exe [23/01/2008 23:51:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm




-- End of Deckard's System Scanner: finished at 2008-01-29 21:41:04 ------------


Deckard's System Scanner v20071014.68
Run by user on 2008-01-29 21:40:11
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:14, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Documents and Settings\user\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wireless LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R240 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P30 "EPSON Stylus Photo R240 Series" /O6 "USB001" /M "Stylus Photo R240"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx1.mail.live.com/mail/w1/resou ... NPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a8637465bb4ac20b.spaces.live ... nPUpld.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - https://fortunelounge.microgaming.com/g ... lashAX.cab
O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} - http://zone.msn.com/bingame/hsol/defaul ... uncher.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://smiley.oberon-media.com/online/o ... der_v6.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wireless LAN Utility\tiwlnsvc.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8850 bytes

-- Files created between 2007-12-29 and 2008-01-29 -----------------------------

2008-01-27 19:23:08 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-01-26 10:10:20 0 d-------- C:\Program Files\Windows Live Toolbar
2008-01-26 02:30:49 0 dr-h----- C:\Documents and Settings\user\Recent
2008-01-25 20:55:36 0 d-------- C:\Program Files\Java
2008-01-24 17:58:28 0 d-------- C:\Graphs
2008-01-24 17:29:10 0 d-------- C:\cmdcons
2008-01-23 23:52:58 0 d-------- C:\Program Files\AOL Companion
2008-01-23 23:51:36 153088 --a------ C:\WINDOWS\system32\jgdwmie.dll <Not Verified; America Online; JG Decoder>
2008-01-23 23:50:59 0 d-------- C:\Program Files\Common Files\aolshare
2008-01-23 23:50:55 0 d-------- C:\Program Files\AOL 9.0
2008-01-20 19:47:32 7864320 --a------ C:\Documents and Settings\user\ntuser.dat
2008-01-14 19:35:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-14 19:35:30 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-14 17:26:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-01-14 17:26:26 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-14 17:26:26 0 d-------- C:\Documents and Settings\user\Application Data\SUPERAntiSpyware.com
2008-01-14 17:25:39 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 04:27:50 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-01-04 11:19:41 1309 --a------ C:\WINDOWS\mozver.dat
2008-01-03 23:03:27 0 d-------- C:\Documents and Settings\user\Application Data\ArcSoft
2008-01-03 21:51:16 11776 --a------ C:\WINDOWS\system32\drivers\afc.sys <Not Verified; Arcsoft, Inc.; Arcsoft(R) ASPI Shell>
2008-01-03 21:51:16 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-01-03 21:50:50 0 d-------- C:\Program Files\ArcSoft
2008-01-03 11:48:18 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2008-01-03 02:32:31 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-03 02:32:31 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-01-03 02:32:31 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-01-03 02:32:31 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-01-03 02:32:31 81920 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-01-03 02:32:31 51200 --a------ C:\WINDOWS\system32\dumphive.exe


-- Find3M Report ---------------------------------------------------------------

2008-01-27 19:22:39 0 d-------- C:\Program Files\MSECache
2008-01-27 12:06:54 0 d-------- C:\Program Files\SilverCreekCommonFiles
2008-01-27 12:06:54 0 d-------- C:\Program Files\Hardwood Spades
2008-01-26 21:30:24 0 d-------- C:\Program Files\Windows Live
2008-01-26 18:47:30 0 d-------- C:\Program Files\Yahoo!
2008-01-26 18:47:27 0 d-------- C:\Program Files\Common Files
2008-01-26 18:47:26 0 d-------- C:\Program Files\Common Files\AOL
2008-01-24 11:36:15 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-01-23 02:21:12 9820 --a------ C:\Program Files\hijackthis.log
2008-01-21 01:45:40 0 d-------- C:\Program Files\EnglishHarbourCasino
2008-01-17 14:54:09 0 d-------- C:\Documents and Settings\user\Application Data\AOL
2008-01-15 18:14:35 0 d-------- C:\Program Files\MSN Messenger
2008-01-10 02:42:02 67777 --a------ C:\Program Files\log malware.txt
2008-01-10 01:58:34 162 --ah----- C:\Program Files\~$g malware.txt
2008-01-04 03:04:30 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-03 13:53:48 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-01-03 02:33:01 3816 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-24 09:44:06 0 d-------- C:\Program Files\CCleaner


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [01/06/2006 08:48 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [16/05/2006 10:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/07/2006 05:19]
"nwiz"="nwiz.exe" [12/07/2006 05:19 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/07/2006 05:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 10:50]
"TI WLAN"="C:\Program Files\Wireless LAN Utility\TIWLANCu.exe" [22/03/2007 17:54]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [22/06/2004 08:05]
"EPSON Stylus Photo R240 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.exe" [25/04/2005 05:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"iKeyWorks"="C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe" [07/09/2006 08:21]
"WheelMouse"="C:\Program Files\A4Tech\Mouse\Amoumain.exe" [07/09/2006 08:17]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [10/06/2004 12:48]
"UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [28/09/2007 08:42]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/06/2005 22:46]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [23/10/2006 12:50]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [14/12/2007 03:42]
"HostManager"="C:\Program Files\Common Files\AOL\1201307382\ee\AOLSoftware.exe" [08/10/2007 21:50]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28/02/2006 12:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [21/06/2007 14:06]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [26/01/2008 21:38]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AOL 9.0 Tray Icon.lnk - C:\Program Files\AOL 9.0\aoltray.exe [23/01/2008 23:51:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a45a072-8e3c-11dc-939c-00120e4979ac}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL index.htm




-- End of Deckard's System Scanner: finished at 2008-01-29 21:41:04 ------------
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm

Re: help can't remove malware please can someone take a look

Unread postby gringo_pr » January 29th, 2008, 10:31 pm

hello jemma_79

I would like you to download this tool and run it

SafeBootKeyRepair

Download & run this tool > SafeBootKeyRepair-CF
It shall only take a short moment for it to finish running.
A log shall be produced at C:\SafeBoot_Repair.txt.
Please post that in your next reply

Gringo
User avatar
gringo_pr
Site Moderator
Site Moderator
 
Posts: 1816
Joined: March 31st, 2007, 1:35 pm
Location: puerto rico

Re: help can't remove malware please can someone take a look

Unread postby jemma_79 » January 29th, 2008, 10:45 pm

Reg export of SafeBoot key after repair:
========================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI]
@="Driver Group"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC]
@="Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
@="Universal Serial Bus controllers"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
@="CD-ROM Drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
@="Standard floppy disk controller"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
@="Net"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
@="NetClient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
@="NetService"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
@="NetTrans"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
@="PCMCIA Adapters"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
@="SCSIAdapter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
@="Floppy disk drive"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
@="Human Interface Devices"

========================
jemma_79
Regular Member
 
Posts: 44
Joined: November 9th, 2007, 6:42 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 33 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware